JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.199.172.148

134.199.172.148 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.199.172.148

Whois 134.199.172.148

IP Abuse Reports for 134.199.172.148:

This IP address has been reported a total of 164 times from 125 distinct sources. 134.199.172.148 was first reported on January 22nd 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-05-01 06:17:05 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=92, sources=1)	Hacking Brute-Force SSH
🇬🇧 openstrike.co.uk	2026-04-08 05:13:40 (2 months ago)	3 attacks on VC URLs: GET /.git/config HTTP/1.1	Hacking
🇳🇱 homeshowdomain.nl	2026-04-07 22:07:51 (2 months ago)	Auto-ban: >3000 req/min op 2026-04-07	Web App Attack SSH Hacking
🇬🇧 thetomtaylor.co.uk	2026-04-07 13:14:29 (2 months ago)	Fail2Ban - [SSH]Brute-force login attempts on sshd ... [ice01]	Brute-Force SSH
🇯🇵 beon	2026-04-07 11:28:35 (2 months ago)	[DateTime=>2026-04-07T11:28:35Z (UTC)] , [HoneyPot_Hits=>twice] , [HoneyPots=>/.git/config] , [total ... show more [DateTime=>2026-04-07T11:28:35Z (UTC)] , [HoneyPot_Hits=>twice] , [HoneyPots=>/.git/config] , [total_Hits=>twice] show less	Bad Web Bot Web App Attack Hacking
🇺🇸 kosada.com	2026-04-07 08:27:54 (2 months ago)	Web vulnerability probing: /.git/config	Web App Attack
🇬🇧 consul.to	2026-04-07 07:23:06 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 octageeks.com	2026-04-07 04:11:12 (2 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇩🇪 4server	2026-04-07 03:06:50 (2 months ago)	[TueApr0705:06:43.9926482026][security2:error][pid371611:tid371623][client134.199.172.148:0]ModSecur ... show more [TueApr0705:06:43.9926482026][security2:error][pid371611:tid371623][client134.199.172.148:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.8\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"formet.ch\"][uri\"/.git/config\"][unique_id\"adR0w9QLxp3aPDs1B3_uNwAAAIk\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-04-07 00:47:34 (2 months ago)	134.199.172.148 - - [07/Apr/2026:02:47:34 +0200] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5. ... show more 134.199.172.148 - - [07/Apr/2026:02:47:34 +0200] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Web App Attack
🇩🇪 Ba-Yu	2026-04-07 00:47:29 (2 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 Blexyel	2026-04-07 00:35:52 (2 months ago)	134.199.172.148 - - [07/Apr/2026:00:35:47 +0000] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5. ... show more 134.199.172.148 - - [07/Apr/2026:00:35:47 +0000] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Brute-Force Web App Attack
🇩🇪 sdos.es	2026-04-07 00:35:18 (2 months ago)	"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"	Web App Attack
🇺🇸 TPI-Abuse	2026-04-06 21:08:06 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 134.199.172.148 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.199.172.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 17:08:01.989266 2026] [security2:error] [pid 591706:tid 591706] [client 134.199.172.148:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "forsaleincr.com"] [uri "/.git/config"] [unique_id "adQgsfcMsr6SAfGlJ4RTrQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-04-06 21:06:16 (2 months ago)	Scanning/Probing (12)	Brute-Force Web App Attack

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.254.212.59

🇰🇷 211.251.245.88

🇳🇬 197.210.71.189

🇳🇱 190.2.135.111

🇭🇰 185.216.119.190

🇫🇷 176.166.76.214

🇷🇺 176.125.125.14

🇻🇳 171.243.149.114

🇫🇷 141.11.1.134

🇹🇷 88.238.36.9

🇺🇦 217.196.165.65

🇮🇳 210.212.136.3

🇵🇭 210.79.179.240

🇺🇸 209.141.47.217

🇨🇭 209.99.190.200

🇨🇦 207.161.93.227

🇧🇷 206.42.8.243

🇺🇸 173.236.215.92

🇳🇱 159.223.217.240

🇨🇳 119.48.135.33