AbuseIPDB » 134.119.244.251

134.119.244.251 was found in our database!

This IP was reported 1,789 times. Confidence of Abuse is 100%: ?

100%

ISP	dedicated server
Usage Type	Data Center/Web Hosting/Transit
ASN	AS34011
Hostname(s)	mc21072.ispgateway.de
Domain Name	domainfactory.de
Country	Germany
City	Koln, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 134.119.244.251

Whois 134.119.244.251

IP Abuse Reports for 134.119.244.251:

This IP address has been reported a total of 1,789 times from 193 distinct sources. 134.119.244.251 was first reported on March 17th 2024, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
rtbh.com.tr	2025-04-28 20:06:20 (2 hours ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
ki3	2025-04-28 20:06:19 (2 hours ago)	Fail2Ban: Web App Attacks and Forum Spam 134.119.244.251 1745870778.0(JST)	Web Spam Bad Web Bot Web App Attack
KeksGauner	2025-04-28 13:57:53 (8 hours ago)	Apr 28 15:59:23 NBG-VS02-WebServer sshd[4058311]: pam_unix(sshd:auth): authentication failure; logna ... show moreApr 28 15:59:23 NBG-VS02-WebServer sshd[4058311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.119.244.251 Apr 28 15:59:25 NBG-VS02-WebServer sshd[4058311]: Failed password for invalid user debian from 134.119.244.251 port 33120 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-04-28 01:10:08 (21 hours ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Brute-Force Bad Web Bot Web App Attack
Jason Howell	2025-04-28 00:30:54 (22 hours ago)	134.119.244.251 - - [27/Apr/2025:18:23:30 -0500] "GET /wp-login.php HTTP/1.1" 200 4247 "-" "Mozilla/ ... show more134.119.244.251 - - [27/Apr/2025:18:23:30 -0500] "GET /wp-login.php HTTP/1.1" 200 4247 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:18:23:30 -0500] "POST /wp-login.php HTTP/1.1" 200 2010 "https://www.golfbackspin.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:18:54:14 -0500] "GET /wp-login.php HTTP/1.1" 200 4248 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:18:54:15 -0500] "POST /wp-login.php HTTP/1.1" 200 2010 "https://www.golfbackspin.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:19:30:53 -0500] "GET /wp-login.php HTTP/1.1" 200 4248 "-" "Mozill ... show less	Web App Attack
Dadelinux	2025-04-27 23:48:02 (22 hours ago)	134.119.244.251 - - [28/Apr/2025:01:43:10 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/ ... show more134.119.244.251 - - [28/Apr/2025:01:43:10 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [28/Apr/2025:01:43:12 +0200] "POST /wp-login.php HTTP/2.0" 200 4474 "https://lorenzogramaccia.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [28/Apr/2025:01:48:02 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	SQL Injection Web App Attack
Dadelinux	2025-04-27 20:50:03 (1 day ago)	134.119.244.251 - - [27/Apr/2025:22:48:58 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/ ... show more134.119.244.251 - - [27/Apr/2025:22:48:58 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:22:48:59 +0200] "POST /wp-login.php HTTP/2.0" 200 4474 "https://lorenzogramaccia.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:22:50:01 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	SQL Injection Web App Attack
masterguru	2025-04-27 20:44:39 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (1020-123)	Web App Attack
ghostwarriors	2025-04-27 20:20:24 (1 day ago)	Unauthorized connection attempt detected, SSH Brute-Force	Port Scan Brute-Force SSH
rtbh.com.tr	2025-04-27 20:06:19 (1 day ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
4server	2025-04-27 20:02:32 (1 day ago)	[SunApr2722:02:28.5549202025][security2:error][pid3369594:tid3369661][client134.119.244.251:0][clien ... show more[SunApr2722:02:28.5549202025][security2:error][pid3369594:tid3369661][client134.119.244.251:0][client134.119.244.251]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.7\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.your-team.ch\"][uri\"/xmlrpc.php\"][unique_id\"aA6NVD6Gx8gzRxrJ8NYMCAAAAUM\"] show less	Port Scan Brute-Force Web App Attack
Dadelinux	2025-04-27 16:53:45 (1 day ago)	134.119.244.251 - - [27/Apr/2025:18:52:43 +0200] "POST /xmlrpc.php HTTP/2.0" 200 511 "-" "Mozilla/5. ... show more134.119.244.251 - - [27/Apr/2025:18:52:43 +0200] "POST /xmlrpc.php HTTP/2.0" 200 511 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:18:53:43 +0200] "GET /wp-login.php HTTP/2.0" 200 4583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:18:53:45 +0200] "POST /wp-login.php HTTP/2.0" 200 4475 "https://lorenzogramaccia.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	SQL Injection Web App Attack
KIsmay	2025-04-27 15:43:15 (1 day ago)	Apr 27 06:43:49 www4 WPAudit[1920856]: 134.119.244.251 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 1 ... show moreApr 27 06:43:49 www4 WPAudit[1920856]: 134.119.244.251 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" jody:jody1@ FAIL Apr 27 08:29:46 www4 WPAudit[1928388]: 134.119.244.251 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" jody:jody.1234 FAIL Apr 27 10:18:27 www4 WPAudit[1936602]: 134.119.244.251 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" jody:www2020@ FAIL Apr 27 11:18:25 www4 WPAudit[1937077]: 134.119.244.251 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" jody:jody59 FAIL Apr 27 11:43:15 www4 WPAudit[1942221]: 134.119.244.251 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Sa ... show less	Brute-Force Web App Attack
Dadelinux	2025-04-27 15:39:05 (1 day ago)	134.119.244.251 - - [27/Apr/2025:17:36:44 +0200] "GET /wp-login.php HTTP/2.0" 200 4583 "-" "Mozilla/ ... show more134.119.244.251 - - [27/Apr/2025:17:36:44 +0200] "GET /wp-login.php HTTP/2.0" 200 4583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:17:36:45 +0200] "POST /wp-login.php HTTP/2.0" 200 4475 "https://lorenzogramaccia.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 134.119.244.251 - - [27/Apr/2025:17:39:03 +0200] "GET /wp-login.php HTTP/2.0" 200 4582 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	SQL Injection Web App Attack
Anonymous	2025-04-27 14:12:53 (1 day ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 1789 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

218.92.0.237

47.99.115.249

176.37.60.16

50.149.161.131

194.127.199.22

80.94.95.125

206.168.34.211

118.193.61.63

157.245.70.53

15.184.85.10

143.198.36.75

218.92.0.233

118.212.84.134

45.130.85.2

78.128.113.38

223.10.121.107

117.201.181.182

218.92.0.231

14.103.71.220

123.163.200.244