JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 137.184.119.51

137.184.119.51 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 137.184.119.51

Whois 137.184.119.51

IP Abuse Reports for 137.184.119.51:

This IP address has been reported a total of 149 times from 101 distinct sources. 137.184.119.51 was first reported on November 3rd 2022, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 excill	2026-06-21 03:14:36 (15 hours ago)	Honeypot mesh observed 1364 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇩🇪 baltic-lab.com	2026-06-20 19:33:22 (23 hours ago)	Firewall Detection, DE2, Either a port scan or continued brute-force attack by a previously blocked ... show more Firewall Detection, DE2, Either a port scan or continued brute-force attack by a previously blocked offender ... show less	Brute-Force Port Scan
🇬🇧 Andrew	2026-06-20 18:18:15 (1 day ago)	Blocked by UFW (TCP on port 4000). Source port: 58952 TTL: 241 Packet length: 40 TOS: 0x00 This rep ... show more Blocked by UFW (TCP on port 4000). Source port: 58952 TTL: 241 Packet length: 40 TOS: 0x00 This report (for 137.184.119.51) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-20 18:16:52 (1 day ago)	Unauthorized access (8080/tcp/http-alt)	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-20 17:02:21 (1 day ago)	(mod_security-custom) mod_security (id:210492) triggered by 137.184.119.51 (US/United States/Califor ... show more (mod_security-custom) mod_security (id:210492) triggered by 137.184.119.51 (US/United States/California/Santa Clara/-/[AS14061 DIGITALOCEAN-ASN]): 1 in the last 3600 secs (0-srv1) show less	Hacking
🇫🇮 geot	2026-06-20 16:14:05 (1 day ago)	GET /wp-config.php.old HTTP/1.1 GET /docker-compose.prod.yml HTTP/1.1 GET /wp-config.php.bak HTTP/1. ... show more GET /wp-config.php.old HTTP/1.1 GET /docker-compose.prod.yml HTTP/1.1 GET /wp-config.php.bak HTTP/1.1 GET /gitlab-ci.yml HTTP/1.1 GET /wp-config.php.dist HTTP/1.1 GET /docker-compose.yml HTTP/1.1 GET /wp-config.php HTTP/1.1 GET /-/snippets HTTP/1.1 GET /wp-config.php.save HTTP/1.1 GET /.cursor/mcp_config.json HTTP/1.1 GET /.env.example HTTP/1.1 GET /docker-compose.yaml HTTP/1.1 GET /.env.development HTTP/1.1 GET /explore/projects HTTP/1.1 GET /wp-config.php.orig HTTP/1.1 GET /wp-config.php~ HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-20 14:49:15 (1 day ago)	137.184.119.51 - - [20/Jun/2026:11:49:06 -0300] "GET /config/database.yml HTTP/1.1" 404 226 "-" "Moz ... show more 137.184.119.51 - - [20/Jun/2026:11:49:06 -0300] "GET /config/database.yml HTTP/1.1" 404 226 "-" "Mozilla/5.0 (compatible)" 137.184.119.51 - - [20/Jun/2026:11:49:07 -0300] "GET /include/config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible)" 137.184.119.51 - - [20/Jun/2026:11:49:08 -0300] "GET /includes/config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible)" 137.184.119.51 - - [20/Jun/2026:11:49:10 -0300] "GET /conf/config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible)" 137.184.119.51 - - [20/Jun/2026:11:49:14 -0300] "GET /claude_desktop_config.json HTTP/1.1" 404 238 "-" "Mozilla/5.0 (compatible)" ... show less	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-20 14:44:55 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇺🇸 its101	2026-06-20 14:15:04 (1 day ago)	Automated detection by LockdownAccess security system. Attack type(s): env_grab, config_probe. Reaso ... show more Automated detection by LockdownAccess security system. Attack type(s): env_grab, config_probe. Reason: Nginx: env_grab attack. Path targeted: unknown. Blocked in Cloudflare. show less	Web App Attack
Anonymous	2026-06-20 14:07:07 (1 day ago)	UFW blocked 3 unsolicited TCP packet(s) in last 65 minutes ago. Destination port(s): 80,5000,8443. S ... show more UFW blocked 3 unsolicited TCP packet(s) in last 65 minutes ago. Destination port(s): 80,5000,8443. Server has no public-facing services; all blocks are uninvited. show less	Port Scan
Anonymous	2026-06-20 13:28:04 (1 day ago)	fail2ban:piguard2:14,18	Port Scan Brute-Force
🇺🇸 ISPLtd	2026-06-20 13:16:39 (1 day ago)	Jun 20 07:13:56 137.184.119.51 TCP SPT=41049 DPT=8888 SYN Jun 20 07:15:34 137.184.119.51 TCP SPT=410 ... show more Jun 20 07:13:56 137.184.119.51 TCP SPT=41049 DPT=8888 SYN Jun 20 07:15:34 137.184.119.51 TCP SPT=41049 DPT=9090 SYN Jun 20 07:16:38 137.184.119.51 TCP SPT=41049 DPT=3000 ... show less	Port Scan
Anonymous	2026-06-20 12:17:37 (1 day ago)	PSCSERV WPSCAN 137.184.119.51	Bad Web Bot Web App Attack
🇫🇮 23p02732	2026-06-20 10:34:14 (1 day ago)	Mailserver and mailaccount attacks	Brute-Force Bad Web Bot Exploited Host Web App Attack
🇫🇮 Kimmo Rieskaniemi	2026-06-20 09:56:01 (1 day ago)	CrowdSec triggered crowdsecurity/http-sensitive-files	Web App Attack Hacking

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 2804:d59:8790:cb00:9446:246c:9638:1ea

🇨🇳 223.109.255.143

🇺🇸 207.90.244.26

🇬🇧 195.96.139.64

🇳🇱 176.65.139.66

🇺🇸 167.172.152.94

🇺🇸 147.182.130.92

🇨🇳 111.72.239.136

🇺🇸 52.242.128.238

🇻🇳 14.232.210.2

🇧🇷 2804:5da8:ed00:39fd:ed00:771:35b7:6324

🇨🇳 223.109.252.250

🇧🇷 205.210.31.253

🇳🇱 193.176.31.205

🇰🇷 182.31.130.216

🇳🇱 176.65.139.181

🇭🇰 152.32.173.15

🇺🇸 2604:a880:400:d1:0:4:9e7e:c001

🇬🇧 213.166.84.35

🇭🇰 165.154.41.182