JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.199.172.18

134.199.172.18 was found in our database!

This IP was reported 233 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.199.172.18

Whois 134.199.172.18

IP Abuse Reports for 134.199.172.18:

This IP address has been reported a total of 233 times from 122 distinct sources. 134.199.172.18 was first reported on October 7th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-28 09:16:24 (2 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-28 06:10:27 (5 hours ago)	(mod_security) mod_security (id:225170) triggered by 134.199.172.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 134.199.172.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 02:10:17.010716 2026] [security2:error] [pid 4693:tid 4693] [client 134.199.172.18:64245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.btccasting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.btccasting.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akC6yTxLu6a-0RrmpRQAUAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-28 05:08:12 (6 hours ago)	Web vulnerability probing: /web/wp-includes/wlwmanifest.xml	Web App Attack
🇫🇷 SpaceHost-Server	2026-06-27 22:26:10 (13 hours ago)		Brute-Force Web App Attack
Anonymous	2026-06-27 19:42:09 (16 hours ago)	(wordpress-user-enum) Failed wordpress-user-enum trigger from 134.199.172.18 (AU/Australia/-)	Brute-Force
🇩🇪 Blexyel	2026-06-27 19:38:04 (16 hours ago)	134.199.172.18 - - [27/Jun/2026:21:38:03 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 ... show more 134.199.172.18 - - [27/Jun/2026:21:38:03 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" "pingusmc.org" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-27 16:51:03 (19 hours ago)	Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-27 15:58:28 (19 hours ago)	134.199.172.18 - - [27/Jun/2026:17:58:28 +0200] "GET /product-category/marke/big-zone//wp-includes/ ... show more 134.199.172.18 - - [27/Jun/2026:17:58:28 +0200] "GET /product-category/marke/big-zone//wp-includes/ HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" show less	Web App Attack
🇦🇹 penguin-solutions.at	2026-06-27 14:38:28 (21 hours ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 13:44:43 (22 hours ago)	(mod_security) mod_security (id:225170) triggered by 134.199.172.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 134.199.172.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 09:44:40.093921 2026] [security2:error] [pid 20342:tid 20342] [client 134.199.172.18:51736] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bernsteinip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aj_TyIYaefUx6F7b4_s3CQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 zynex	2026-06-27 13:14:28 (22 hours ago)	URL Probing: /wp-includes/wlwmanifest.xml	Web App Attack
🇳🇱 Site.eu	2026-06-27 07:35:31 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-27 05:31:31 (1 day ago)	[redacted] 134.199.172.18 - - [27/Jun/2026:07:31:18 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" ... show more [redacted] 134.199.172.18 - - [27/Jun/2026:07:31:18 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:07:31:19 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:07:31:21 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:07:31:22 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:07:31:23 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5 ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 04:59:46 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 134.199.172.18 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 134.199.172.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:59:41.214668 2026] [security2:error] [pid 8817:tid 8817] [client 134.199.172.18:58662] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cuulart.com.stlouisdave.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cuulart.com.stlouisdave.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aj9YvbVpJvIJf8YtiojqpQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 03:31:15 (1 day ago)	[redacted] 134.199.172.18 - - [27/Jun/2026:05:31:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" ... show more [redacted] 134.199.172.18 - - [27/Jun/2026:05:31:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:05:31:03 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:05:31:04 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:05:31:06 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 134.199.172.18 - - [27/Jun/2026:05:31:07 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5 ... show less	Hacking Web App Attack

Showing 1 to 15 of 233 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇫 223.26.20.158

🇨🇳 117.81.212.152

🇹🇷 94.154.43.66

🇸🇬 52.237.119.41

🇺🇸 216.25.89.142

🇩🇪 193.42.96.106

🇭🇰 150.109.120.203

🇨🇳 120.48.26.185

🇰🇷 112.216.129.27

🇨🇦 104.158.136.199

🇪🇸 79.117.162.50

🇺🇸 69.9.153.112

🇭🇰 52.184.97.184

🇺🇸 44.200.240.206

🇺🇸 44.6.248.164

🇯🇵 40.74.68.49

🇧🇷 38.226.107.70

🇬🇧 35.203.211.69

🇮🇩 182.13.96.107

🇮🇩 103.154.77.48