JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.131.170.101

104.131.170.101 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.131.170.101

Whois 104.131.170.101

IP Abuse Reports for 104.131.170.101:

This IP address has been reported a total of 12 times from 11 distinct sources. 104.131.170.101 was first reported on November 30th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-03-07 22:43:55 (3 months ago)	ThreatBook Intelligence: vpn_proxy,Dynamic IP more details on https://threatbook.io/ip/104.131.170.1 ... show more ThreatBook Intelligence: vpn_proxy,Dynamic IP more details on https://threatbook.io/ip/104.131.170.101 2026-03-07 15:34:53 / 2026-03-07 15:34:59 /assets/favicon-7901bd695fb93edb07975966062049829afb56cf11511236e61bcf425070e36e.png show less	Web App Attack
🇦🇺 MAGIC	2026-01-10 03:17:14 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 openstrike.co.uk	2025-12-02 06:14:41 (6 months ago)	3 attacks on VC URLs: GET /.git/config HTTP/1.1	Hacking
🇦🇺 2000cn.com.au	2025-12-01 11:32:45 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇧🇪 Ivo Vynckier	2025-12-01 10:46:00 (6 months ago)	104.131.170.101 - - [01/Dec/2025:09:50:49 +0100] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5. ... show more 104.131.170.101 - - [01/Dec/2025:09:50:49 +0100] "GET /.git/config HTTP/1.1" 403 177 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Web App Attack
🇬🇧 openstrike.co.uk	2025-12-01 06:14:07 (6 months ago)	5 attacks on VC URLs: GET /.git/config HTTP/1.1	Hacking
🇺🇸 thefoofighter	2025-11-30 22:40:15 (6 months ago)	[Sun Nov 30 22:38:09.856276 2025] [:error] [pid 4025244] [client 104.131.170.101:58936] [client 104. ... show more [Sun Nov 30 22:38:09.856276 2025] [:error] [pid 4025244] [client 104.131.170.101:58936] [client 104.131.170.101] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "squixl.com"] [uri "/.git/config"] [unique_id "aSzHUe70SK8v0GFKmU5IAQAAAAo"] [Sun Nov 30 22:40:15.142771 2025] [:error] [pid 4024854] [client 104.131.170.101:57198] [client 104.131.170.101] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_ ... show less	Bad Web Bot Web App Attack
🇵🇱 tr1n	2025-11-30 18:16:22 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 14061 (DIGITALOCEAN-ASN) ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 14061 (DIGITALOCEAN-ASN) Protocol: HTTP/1.1 (GET method) Endpoint: /.git/config Timestamp: 2025-11-30T18:16:22Z UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 show less	Bad Web Bot
Anonymous	2025-11-30 17:20:11 (6 months ago)		Web App Attack
🇨🇭 Sophie Nina	2025-11-30 17:00:41 (6 months ago)	Automatically blocked by server	Fraud Orders
🇺🇸 Starburst SysOp Team	2025-11-30 11:04:08 (6 months ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-mnz6-3)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-30 09:55:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.131.170.101 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 104.131.170.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 04:54:54.280669 2025] [security2:error] [pid 16556:tid 16556] [client 104.131.170.101:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sportsbookcommission.com"] [uri "/.git/config"] [unique_id "aSwUbuzyKSBxUoJiFwQ77QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 202.29.236.76

🇧🇷 190.106.237.110

🇳🇱 93.123.109.114

🇫🇷 80.87.206.227

🇿🇼 74.244.197.226

🇺🇸 73.138.252.207

🇨🇳 59.55.128.147

🇮🇳 49.207.40.162

🇸🇪 46.59.122.78

🇸🇬 8.219.40.172

🇷🇴 2.57.121.112

🇦🇷 200.50.155.58

🇧🇪 198.235.24.244

🇷🇺 178.209.93.185

🇨🇳 115.190.126.68

🇧🇬 79.124.62.126

🇺🇸 50.188.204.213

🇭🇰 45.152.64.44

🇺🇸 205.210.31.57

🇬🇧 194.164.91.60