JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 206.189.159.163

206.189.159.163 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 206.189.159.163

Whois 206.189.159.163

IP Abuse Reports for 206.189.159.163:

This IP address has been reported a total of 97 times from 36 distinct sources. 206.189.159.163 was first reported on April 7th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-22 14:17:53 (6 months ago)	apache vulnerability scan	Web App Attack
🇳🇱 Linuxmalwarehuntingnl	2024-07-03 08:53:33 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇮🇩 Incidents Response Neptus Team	2024-05-09 09:48:00 (2 years ago)	Report Abuse IP	Hacking Exploited Host Web App Attack
🇩🇪 niceshops.com	2024-05-08 22:12:02 (2 years ago)	Web Attack (May 24 00:12:02 ScriptKiddie: request for /wp-content/alfacgiapi/perl.alfa )	SQL Injection Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2024-05-08 13:51:28 (2 years ago)	LF_APACHE_403: 206.189.159.163 (SG/Singapore/-), more than 30 Apache 403 hits in the last 3600 secs	Web App Attack
🇮🇩 penjaga BRIN	2024-05-08 12:01:28 (2 years ago)	Multiple WP scan detected from same source ip.-111	Brute-Force
🇺🇦 URAN Publishing Service	2024-05-06 01:56:05 (2 years ago)	206.189.159.163 - - [06/May/2024:04:55:58 +0300] "GET /wp-content/alfacgiapi/perl.alfa HTTP/1.1" 404 ... show more 206.189.159.163 - - [06/May/2024:04:55:58 +0300] "GET /wp-content/alfacgiapi/perl.alfa HTTP/1.1" 404 3139 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36" 206.189.159.163 - - [06/May/2024:04:56:03 +0300] "GET /wp-content/alfacgiapi/perl.alfa HTTP/1.1" 404 3138 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36" ... show less	Web App Attack
🇮🇩 penjaga BRIN	2024-05-05 04:00:58 (2 years ago)	Multiple WP scan detected from same source ip.-111	Brute-Force
🇧🇪 cmbplf	2024-05-05 03:22:30 (2 years ago)	1.111 requests to *.alfa 8 requests to /indoxploit.php	Brute-Force Bad Web Bot
🇮🇩 penjaga BRIN	2024-05-04 00:09:17 (2 years ago)	nginx-dos-180	Web App Attack
🇺🇦 URAN Publishing Service	2024-05-03 15:22:19 (2 years ago)	206.189.159.163 - - [03/May/2024:18:22:17 +0300] "POST /wp-content/alfacgiapi/perl.alfa HTTP/1.1" 40 ... show more 206.189.159.163 - - [03/May/2024:18:22:17 +0300] "POST /wp-content/alfacgiapi/perl.alfa HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36" 206.189.159.163 - - [03/May/2024:18:22:18 +0300] "POST /wp-content/alfacgiapi/perl.alfa HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36" ... show less	Web App Attack
🇬🇷 s1n4h7c	2024-05-03 06:58:00 (2 years ago)	Directory Fuzzing Attack	Web App Attack
🇺🇸 mawan	2024-05-01 02:42:08 (2 years ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇮🇩 hermawan	2024-05-01 02:35:43 (2 years ago)	[Wed May 01 09:35:40.555583 2024] [security2:error] [pid 517127:tid 128683283056192] [client 206.189 ... show more [Wed May 01 09:35:40.555583 2024] [security2:error] [pid 517127:tid 128683283056192] [client 206.189.159.163:63991] [client 206.189.159.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "300" at REQUEST_HEADERS:Keep-Alive. [file "/etc/modsecurity/coreruleset-4.0.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "80"] [id "440004"] [msg "Keep Alive Header"] [data "Matched Data: 300 found within REQUEST_HEADERS:Keep-Alive: 300 request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/"] [unique_id "ZjGqfFA5OMZ5SjtcE8sjjQAAAhk"] [staklim-malang.info] [staklim-malang.info] top=[517194] [Yw2rV6v+mHI] [ZjGqfFA5OMZ5SjtcE8sjjQAAAhk] keep_alive=[0] [2024-05-01 09:35:40.555586] [R:ZjGqfFA5OMZ5SjtcE8sjjQAAAhk] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36' Host:'staklim-malang.info' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' Accept-Lang ... show less	Hacking Web App Attack
🇲🇾 Rizzy	2024-04-30 09:08:42 (2 years ago)	Multiple WAF Violations	Brute-Force Web App Attack

Showing 1 to 15 of 97 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.236.4.150

🇭🇰 152.32.239.90

🇫🇷 85.217.140.1

🇺🇸 18.204.196.155

🇳🇱 193.176.31.242

🇳🇱 188.166.108.155

🇧🇷 187.86.170.34

🇫🇷 185.177.72.29

🇬🇧 185.152.248.218

🇵🇰 153.117.13.44

🇯🇵 124.155.125.131

🇰🇷 121.167.147.112

🇺🇸 75.80.69.106

🇳🇱 5.61.209.224

🇨🇳 223.104.79.246

🇺🇦 217.147.171.54

🇹🇼 198.235.24.126

🇺🇿 198.163.192.146

🇺🇸 162.216.150.148

🇭🇰 152.32.254.222