JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.199.175.139

134.199.175.139 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.199.175.139

Whois 134.199.175.139

IP Abuse Reports for 134.199.175.139:

This IP address has been reported a total of 17 times from 16 distinct sources. 134.199.175.139 was first reported on September 15th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2026-03-11 20:12:00 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-10 20:11:59 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 rjdefrancisco	2026-03-10 07:10:24 (3 months ago)	Unwanted traffic detected by honeypot on March 09, 2026: port scans (3 port 22 scans), and brute for ... show more Unwanted traffic detected by honeypot on March 09, 2026: port scans (3 port 22 scans), and brute force and hacking attacks (4 over ssh). show less	Port Scan Brute-Force SSH
🇺🇸 anon333	2026-03-10 04:33:25 (3 months ago)	Hacker syslog review 1773117205	Hacking
🇩🇪 ghostwarriors	2026-03-10 03:50:20 (3 months ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH
🇺🇸 psh-ack	2026-03-10 03:33:41 (3 months ago)	Compromised SSH service with Go-based client executing multi-credential brute force across 6 session ... show more Compromised SSH service with Go-based client executing multi-credential brute force across 6 sessions in 5min. Tested 4 cred pairs (root/root123, test1/test1, test2/test2, test3/test3) via automated scanning. Two attack sequences: (1) Persistence mechanism - chattr -i flag removal on .bashrc/.zshrc files to disable immutability protections, enabling subsequent shell config modifications. (2) System recon - hostname, kernel version, architecture, uptime via uname and /proc/uptime parsing. PATH variable manipulation post-exec detected. Attack pattern consistent with automated botnet recon and hardening removal prior to payload deployment or cred harvesting. No malware dl, lateral movement, or explicit persistence installs observed, but preliminary steps suggest staged attack. Go SSH client (SSH-2.0-Go) indicates botnet or scripted framework. Low-complexity brute force with weak creds suggests indiscriminate targeting. show less	Brute-Force SSH
🇺🇸 sh97	2026-03-10 03:23:10 (3 months ago)	US905-RN-ASH.vps.992969.xyz: SSH Brute Force from 134.199.175.139 at 2026-03-10 08:53:10 IST	Brute-Force SSH
🇵🇭 marklozada88	2026-03-10 03:22:55 (3 months ago)	Mar 10 11:20:12 mx1 sshd[1898642]: Invalid user test1 from 134.199.175.139 port 43796 Mar 10 11:21:4 ... show more Mar 10 11:20:12 mx1 sshd[1898642]: Invalid user test1 from 134.199.175.139 port 43796 Mar 10 11:21:45 mx1 sshd[1899423]: Invalid user test2 from 134.199.175.139 port 32946 Mar 10 11:22:54 mx1 sshd[1900100]: Invalid user test3 from 134.199.175.139 port 41864 ... show less	Brute-Force SSH
🇺🇸 wteiken	2026-03-10 03:22:34 (3 months ago)	2026-03-09T22:21:17.624616-05:00 narcissus.teiken.net sshd-session[3198641]: Invalid user test2 from ... show more 2026-03-09T22:21:17.624616-05:00 narcissus.teiken.net sshd-session[3198641]: Invalid user test2 from 134.199.175.139 port 57300 2026-03-09T22:21:17.859570-05:00 narcissus.teiken.net sshd-session[3198641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.199.175.139 2026-03-09T22:21:19.324823-05:00 narcissus.teiken.net sshd-session[3198641]: Failed password for invalid user test2 from 134.199.175.139 port 57300 ssh2 2026-03-09T22:22:31.097600-05:00 narcissus.teiken.net sshd-session[3199403]: Invalid user test3 from 134.199.175.139 port 46468 2026-03-09T22:22:31.355082-05:00 narcissus.teiken.net sshd-session[3199403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.199.175.139 2026-03-09T22:22:33.832742-05:00 narcissus.teiken.net sshd-session[3199403]: Failed password for invalid user test3 from 134.199.175.139 port 46468 ssh2 ... show less	Brute-Force SSH
🇬🇧 Silly Development	2026-03-10 03:22:04 (3 months ago)	2026-03-10T03:20:45.512010+00:00 noha-b456b sshd[409190]: pam_unix(sshd:auth): authentication failur ... show more 2026-03-10T03:20:45.512010+00:00 noha-b456b sshd[409190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.199.175.139 2026-03-10T03:20:47.739868+00:00 noha-b456b sshd[409190]: Failed password for invalid user test1 from 134.199.175.139 port 36624 ssh2 2026-03-10T03:22:04.097625+00:00 noha-b456b sshd[409358]: Invalid user test2 from 134.199.175.139 port 37762 ... show less	Brute-Force SSH
🇹🇼 bluecloudwork	2026-03-10 03:21:53 (3 months ago)	Fail2Ban - Brute-force SSH server ...	Brute-Force SSH
🇺🇸 whitehat AbuseIPDB Official	2026-03-10 03:21:19 (3 months ago)	2026-03-10T03:19:34.481184shield sshd\[30064\]: Invalid user test1 from 134.199.175.139 port 35812 2 ... show more 2026-03-10T03:19:34.481184shield sshd\[30064\]: Invalid user test1 from 134.199.175.139 port 35812 2026-03-10T03:19:34.713622shield sshd\[30064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.199.175.139 2026-03-10T03:19:36.524428shield sshd\[30064\]: Failed password for invalid user test1 from 134.199.175.139 port 35812 ssh2 2026-03-10T03:21:18.692559shield sshd\[30290\]: Invalid user test2 from 134.199.175.139 port 39368 2026-03-10T03:21:18.939622shield sshd\[30290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.199.175.139 show less	Brute-Force SSH
🇺🇸 Misaka13514	2026-03-10 03:19:57 (3 months ago)	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "test1" at 2026-03-10T03:19:56Z	Brute-Force SSH
🇺🇸 [email protected]	2026-03-10 03:19:53 (3 months ago)	Total attacks: 2	Brute-Force SSH
🇺🇸 MPL	2026-03-10 03:17:39 (3 months ago)	tcp/22 (10 or more attempts)	Port Scan

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.102

🇺🇸 66.132.172.214

🇫🇷 167.86.82.207

🇫🇮 147.185.133.36

🇺🇸 147.185.132.214

🇭🇰 103.243.24.124

🇺🇸 64.62.197.120

🇳🇱 45.148.10.147

🇸🇬 45.78.207.244

🇧🇪 34.38.88.44

🇨🇳 222.142.250.45

🇨🇳 139.214.251.75

🇨🇳 106.75.20.222

🇳🇱 45.148.10.240

🇺🇸 23.144.124.187

🇬🇧 213.166.84.52

🇰🇷 211.253.37.225

🇫🇮 147.185.133.66

🇨🇳 124.89.89.156

🇳🇱 92.70.189.163