JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.199.232.230

134.199.232.230 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 31%: ?

31%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.199.232.230

Whois 134.199.232.230

IP Abuse Reports for 134.199.232.230:

This IP address has been reported a total of 15 times from 11 distinct sources. 134.199.232.230 was first reported on April 29th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Admins@FBN	2026-06-09 22:40:14 (2 weeks ago)	FW-PortScan: Traffic Blocked srcport=61011 dstport=11000	Port Scan
🇩🇪 zupan	2026-06-09 22:26:30 (2 weeks ago)	Blocked by UFW on vps [6936/tcp] \| SPT: 61015 \| TTL: 233 \| LEN: 44 \| TOS: 0x00 • Reported by: github ... show more Blocked by UFW on vps [6936/tcp] \| SPT: 61015 \| TTL: 233 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-06 01:33:48 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-02 19:22:28 (3 weeks ago)	Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ... show more Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud show less	Brute-Force Hacking
🇺🇸 itsnixk	2026-06-02 18:33:59 (3 weeks ago)	(mod_security) mod_security (id:920350) triggered by 134.199.232.230 (US/United States/-): 1 in the ... show more (mod_security) mod_security (id:920350) triggered by 134.199.232.230 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 02 14:33:56.473265 2026] [security2:error] [pid 1273455:tid 1273570] [client 134.199.232.230:42144] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "774"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/"] [unique_id "ah8iFMOROBgrcKes_I9ZHQAAACA"] show less	Port Scan
🇺🇸 MPL	2026-06-02 18:17:17 (3 weeks ago)	tcp/1337	Port Scan
🇺🇸 MPL	2026-03-28 04:38:51 (2 months ago)	tcp/8808 (2 or more attempts)	Port Scan
🇫🇷 masterguru	2026-03-28 04:30:39 (2 months ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 134.199.232.230 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 134.199.232.230 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 arc21	2026-03-10 10:11:48 (3 months ago)	2026-03-10T10:11:47.564696+00:00 database-prodv1-game kernel: [301444.142823] [UFW BLOCK] IN=eth0 OU ... show more 2026-03-10T10:11:47.564696+00:00 database-prodv1-game kernel: [301444.142823] [UFW BLOCK] IN=eth0 OUT= MAC=92:00:06:71:5d:8a:d2:74:7f:6e:37:e3:08:00 SRC=134.199.232.230 DST=142.132.169.25 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=49147 PROTO=TCP SPT=61012 DPT=8081 WINDOW=1025 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 MPL	2025-05-05 07:39:22 (1 year ago)	tcp/8080	Port Scan
🇵🇹 rncbc	2025-05-05 07:15:06 (1 year ago)	[Mon May 05 08:15:05.111506 2025] [authz_core:error] [pid 390839:tid 390839] [client 134.199.232.230 ... show more [Mon May 05 08:15:05.111506 2025] [authz_core:error] [pid 390839:tid 390839] [client 134.199.232.230:56382] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/ [Mon May 05 08:15:05.545856 2025] [authz_core:error] [pid 391499:tid 391499] [client 134.199.232.230:56392] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/favicon.ico, referer: http://proxy.rncbc.org/ [Mon May 05 08:15:05.975513 2025] [authz_core:error] [pid 390779:tid 390779] [client 134.199.232.230:56394] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/ads.txt ... show less	Brute-Force Bad Web Bot Web App Attack SSH
🇺🇸 MPL	2025-05-05 07:10:18 (1 year ago)	tcp ports: 8000,8080 (5 or more attempts)	Port Scan
🇬🇧 BoroBoy	2025-04-29 01:30:16 (1 year ago)	Port Scan	DDoS Attack Port Scan Brute-Force
🇺🇸 RAP	2025-04-29 01:17:46 (1 year ago)	2025-04-29 01:17:46 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 MPL	2025-04-29 00:38:21 (1 year ago)	tcp/8090	Port Scan

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.90.248.108

🇺🇸 172.191.178.196

🇧🇬 79.124.49.226

🇩🇪 69.5.169.49

🇳🇱 45.156.128.57

🇺🇸 44.214.15.123

🇵🇭 152.32.98.126

🇩🇪 130.12.182.143

🇰🇷 121.178.185.141

🇰🇪 102.210.148.41

🇫🇷 85.217.140.5

🇿🇦 41.132.67.123

🇸🇬 8.222.181.172

🇧🇷 201.63.52.54

🇬🇧 178.159.2.6

🇨🇱 172.253.219.30

🇨🇳 115.190.149.134

🇨🇳 111.61.177.187

🇮🇳 52.140.124.214

🇳🇱 45.148.10.152