JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.147.21.192

134.147.21.192 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 24%: ?

24%

ISP	Ruhr-Universitaet Bochum
Usage Type	University/College/School
ASN	AS29484
Hostname(s)	nat44-21-192.net.ruhr-uni-bochum.de
Domain Name	ruhr-uni-bochum.de
Country	🇩🇪 Germany
City	Bochum, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.147.21.192

Whois 134.147.21.192

IP Abuse Reports for 134.147.21.192:

This IP address has been reported a total of 36 times from 15 distinct sources. 134.147.21.192 was first reported on March 16th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-06 01:51:49 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochu ... show more (mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochum.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 21:51:42.010659 2026] [security2:error] [pid 1522:tid 1529] [client 134.147.21.192:6966] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:source outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|jofdt.com\|F\|3"] [data "ARGS:source=https://attacker.example.com\\x00.jofdt.com"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "jofdt.com"] [uri "/ojs_3308_a/index.php/jofdt/login"] [unique_id "afqerh8JtkwrQ49g-oHY1gAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-02 10:49:50 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 134.147.21.192 (DE/Germany/nat44-21-192 ... show more (mod_security) mod_security triggered on hostname [redacted] 134.147.21.192 (DE/Germany/nat44-21-192.net.ruhr-uni-bochum.de) show less	SQL Injection
🇨🇦 Webmestre	2026-04-29 12:50:00 (1 month ago)	Several attempts to connect to the CSM.	Web App Attack
🇩🇪 LRob.fr	2026-04-29 09:15:03 (1 month ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-29 04:58:50 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochu ... show more (mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochum.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 00:58:43.720703 2026] [security2:error] [pid 14570:tid 14570] [client 134.147.21.192:4518] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:url outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|web.cruisingforsex.com\|F\|3"] [data "ARGS:url=https://attacker.example.com\\x00.web.cruisingforsex.com"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "web.cruisingforsex.com"] [uri "/bb/cfs_login.php"] [unique_id "afGQA1hqHV3qg49HcOnBVQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 00:54:15 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochu ... show more (mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochum.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 20:54:11.597239 2026] [security2:error] [pid 7175:tid 7175] [client 134.147.21.192:3246] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:mktrpt outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|www.konahawaiirealty.com\|F\|3"] [data "ARGS:mktrpt=https://attacker.example.com\\x00.www.konahawaiirealty.com"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "www.konahawaiirealty.com"] [uri "/search/details/1ec/7/"] [unique_id "afFWs2UBmEph8ZPgvgjlvAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vasile	2026-04-26 21:18:56 (1 month ago)	Shield Guard: Scanner: python-requests (+20) \| Null byte injection \| Double encoding détecté	Web App Attack
Anonymous	2026-04-26 04:11:59 (1 month ago)	Aggressive web scan	Bad Web Bot Web App Attack
🇳🇱 Roderic	2026-04-26 03:38:49 (1 month ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted])	Hacking
🇺🇸 TPI-Abuse	2026-04-26 00:27:58 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochu ... show more (mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochum.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 20:27:50.497687 2026] [security2:error] [pid 3524:tid 3524] [client 134.147.21.192:44371] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:file outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|thecorinthians.info\|F\|3"] [data "ARGS:file=https://attacker.example.com\\x00.thecorinthians.info"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "thecorinthians.info"] [uri "/TCA-FMWG/rw_common/plugins/stacks/pdf-viewer/viewer.php"] [unique_id "ae1cBvWYGC2texxikQnamgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Roderic	2026-04-21 06:10:23 (1 month ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted])	Hacking
🇺🇸 TPI-Abuse	2026-04-19 17:09:53 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochu ... show more (mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochum.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 13:09:45.721298 2026] [security2:error] [pid 1863108:tid 1863108] [client 134.147.21.192:3764] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:URL outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|goldengatecorgis.org\|F\|3"] [data "ARGS:URL=https://attacker.com\\x00.goldengatecorgis.org"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "goldengatecorgis.org"] [uri "/"] [unique_id "aeUMWYokTXbi3fNSJPBwrQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-04-18 16:08:02 (1 month ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 12:30:29 (1 month ago)	(mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochu ... show more (mod_security) mod_security (id:210410) triggered by 134.147.21.192 (nat44-21-192.net.ruhr-uni-bochum.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 08:30:22.965688 2026] [security2:error] [pid 8706:tid 8727] [client 134.147.21.192:24054] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:img outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request\|\|www.alicefaye.com\|F\|3"] [data "ARGS:img=https://attacker.com\\x00.www.alicefaye.com"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "www.alicefaye.com"] [uri "/spaw/gethref.php"] [unique_id "aeN5Xi9RZ3BzPXGBdPYhiwAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vasile	2026-04-18 02:35:38 (1 month ago)	Shield Guard: AbuseIPDB: 47% \| Scanner: python-requests (+20) \| Null byte injection	Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.34

🇳🇱 68.183.2.175

🇰🇷 49.247.36.49

🇧🇷 45.5.222.112

🇨🇳 14.103.123.6

🇺🇸 2600:1f18:3120:f503:c0ab:ada1:cf98:ce76

🇪🇸 185.121.15.184

🇨🇳 183.197.174.108

🇮🇷 176.65.240.242

🇻🇳 118.69.226.76

🇲🇲 103.59.163.132

🇦🇹 84.115.228.137

🇳🇱 80.79.4.94

🇮🇷 78.39.34.231

🇺🇸 66.132.172.104

🇬🇧 51.195.190.208

🇸🇬 43.156.136.152

🇮🇩 36.64.131.68

🇺🇸 173.255.243.63

🇺🇿 95.46.211.142