JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.234.5.148

1.234.5.148 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 74%: ?

74%

ISP	SK Broadband Co Ltd
Usage Type	Fixed Line ISP
ASN	AS9318
Domain Name	skbroadband.com
Country	🇰🇷 Korea (the Republic of)
City	Seongnam-si, Gyeonggi-do

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.234.5.148

Whois 1.234.5.148

IP Abuse Reports for 1.234.5.148:

This IP address has been reported a total of 48 times from 37 distinct sources. 1.234.5.148 was first reported on March 2nd 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 securejdprop	2026-06-18 13:26:38 (1 hour ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇮🇪 RoboSOC	2026-06-06 15:03:46 (1 week ago)	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	Port Scan
🇳🇱 nate naten	2026-06-06 13:42:27 (1 week ago)	HoneyTrap: git_config attempt on /.git/config from South Korea	Bad Web Bot Web App Attack
🇦🇺 Starburst SysOp Team	2026-06-06 11:02:20 (1 week ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-syd2-4)	Hacking Bad Web Bot
🇩🇪 ut-addicted.com	2026-06-06 08:55:12 (1 week ago)	\[Sat Jun 06 10:55:10.717609 2026\] \[:error\] \[pid 15324:tid 139785821722368\] \[client 1.234.5.14 ... show more \[Sat Jun 06 10:55:10.717609 2026\] \[:error\] \[pid 15324:tid 139785821722368\] \[client 1.234.5.148:60240\] \[client 1.234.5.148\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.git/config"\] \[unique_id "aiPgboLwCt6uFbEx8z6GyQAAAQg"\] show less	Brute-Force Web App Attack
Anonymous	2026-06-06 06:33:53 (1 week ago)	"GET /.git/config HTTP/1.1"	Hacking Web App Attack
🇩🇪 srtzero	2026-06-06 04:36:25 (1 week ago)	1.234.5.148 - - [06/Jun/2026:06:36:25 +0200] "GET /.git/config HTTP/1.1" 404 162 "-" "Mozilla/5.0 (c ... show more 1.234.5.148 - - [06/Jun/2026:06:36:25 +0200] "GET /.git/config HTTP/1.1" 404 162 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Port Scan Bad Web Bot Web App Attack
🇩🇪 McClay	2026-06-06 04:20:08 (1 week ago)	Illegal access attempt:1.234.5.148 - - [06/Jun/2026:06:20:07 +0200] "GET /.git/config HTTP/1.1" 404 ... show more Illegal access attempt:1.234.5.148 - - [06/Jun/2026:06:20:07 +0200] "GET /.git/config HTTP/1.1" 404 1014 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Hacking Web App Attack
🇵🇾 armandosaucedo.me	2026-06-06 03:37:55 (1 week ago)	Threat Intelligence via ARMTI, Web Attack: GET /.git/config	Web App Attack
🇩🇪 centurion	2026-06-06 00:20:05 (1 week ago)	Blocked by UFW on ns02 [80/tcp] Source port: 58188 TTL: 43 Packet length: 60 TOS: 0x00 This report ... show more Blocked by UFW on ns02 [80/tcp] Source port: 58188 TTL: 43 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 xxkodedxx	2026-06-05 23:04:51 (1 week ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 2× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 2× edge-block in 10m window. Origin: KR / AS9318 SK Broadband Co Ltd Active: 23:04:24 UTC Volume: 2 HTTP req Probed: /.git/config Status mix: 444×2 Vhost fishing: 67.217.240.72 UA: "Mozilla/5.0 (compatible; Scanner/1.0)" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇺🇸 jfz-abuse	2026-06-05 19:01:03 (1 week ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇩🇪 mygcode.de	2026-06-05 17:40:23 (1 week ago)	Scanning for Exploits	Bad Web Bot
🇨🇿 lp	2026-06-05 15:25:49 (1 week ago)	anomaly: tcp_port_scan, 569 > threshold 500, repeats 4018 times	Port Scan
🇺🇸 JustMeHere	2026-06-05 09:49:15 (1 week ago)	[Fri Jun 05 05:49:10.767566 2026] [security2:error] [pid 2032:tid 2169] [client 1.234.5.148:56764] M ... show more [Fri Jun 05 05:49:10.767566 2026] [security2:error] [pid 2032:tid 2169] [client 1.234.5.148:56764] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "73.88.79.72"] [uri "/.git/config"] [unique_id "aiKblqUAQd6ODzkPWZjGNgAAAJc"] ... show less	Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.46.13.168

🇬🇧 185.127.69.17

🇺🇸 216.25.89.92

🇺🇸 159.135.226.30

🇺🇸 147.185.132.106

🇮🇩 125.164.81.50

🇰🇷 121.189.103.212

🇵🇰 111.68.102.19

🇺🇸 104.252.175.172

🇸🇪 104.23.223.119

🇫🇷 91.196.152.208

🇪🇸 91.116.117.36

🇩🇪 8.209.119.142

🇰🇷 222.110.147.56

🇺🇸 167.71.160.38

🇺🇸 165.154.162.126

🇻🇳 117.4.184.50

🇳🇱 107.189.27.179

🇮🇳 103.127.30.137

🇱🇹 81.30.98.62