JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 137.184.174.93

137.184.174.93 was found in our database!

This IP was reported 108 times. Confidence of Abuse is 26%: ?

26%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 137.184.174.93

Whois 137.184.174.93

IP Abuse Reports for 137.184.174.93:

This IP address has been reported a total of 108 times from 34 distinct sources. 137.184.174.93 was first reported on March 27th 2022, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-19 16:03:12 (13 hours ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇩🇪 4server	2026-06-17 12:07:13 (2 days ago)	[WedJun1714:07:11.3870712026][security2:error][pid2757571:tid2757697][client137.184.174.93:0]ModSecu ... show more [WedJun1714:07:11.3870712026][security2:error][pid2757571:tid2757697][client137.184.174.93:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.wildpferde.ch\"][uri\"/.env.production\"][unique_id\"ajKN7w15ft7kdm56qlM5MgAAAAc\"] show less	Port Scan Brute-Force Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-17 08:28:05 (2 days ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-16 23:06:23 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:06:20.663453 2026] [security2:error] [pid 11721:tid 11721] [client 137.184.174.93:52764] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.qxoticdivas.postermodelsworldwideinc.com"] [uri "/.hermes/.env"] [unique_id "ajHW7KyYghycZK3QeW-nFwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:23:08 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:23:03.377199 2026] [security2:error] [pid 5765:tid 5765] [client 137.184.174.93:38782] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|garyandthegroove.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "garyandthegroove.com"] [uri "/.hermes/kanban.db"] [unique_id "ajGwp13h7GCVIVBKwPI5VAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 05:18:19 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:18:11.951857 2026] [security2:error] [pid 28940:tid 28945] [client 137.184.174.93:48948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardleeweatherman.com"] [uri "/config/.env"] [unique_id "ajDck9dvuS6ySmoDYgORLAAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:07:56 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 137.184.174.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:07:50.549128 2026] [security2:error] [pid 9076:tid 9076] [client 137.184.174.93:41786] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.construction.bonefrog.com"] [uri "/.env"] [unique_id "ajAjVjL5Pi1Ppsr1B8OJoAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-15 15:35:58 (4 days ago)	Honeypot hit: Incoming HTTP traffic on port 81	Web App Attack Bad Web Bot
Anonymous	2025-11-26 11:40:45 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-09-19 19:03:01 (9 months ago)	Attacks with Bad user agents	Hacking
Anonymous	2024-05-31 01:14:48 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2023-08-03 14:28:50 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇿 Countryman	2023-07-26 06:10:42 (2 years ago)	repeated unauthorized connection attempts, host sweep, port scan	Port Scan
🇺🇸 MPL	2023-07-26 04:00:46 (2 years ago)	tcp/7443 (4 or more attempts)	Port Scan
🇺🇸 MPL	2023-07-26 02:34:36 (2 years ago)	tcp/60000 (4 or more attempts)	Port Scan

Showing 1 to 15 of 108 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.0.179

🇷🇴 80.94.92.168

🇩🇪 213.209.159.56

🇹🇷 159.253.39.62

🇫🇮 147.185.133.40

🇺🇸 130.131.161.76

🇳🇱 79.137.197.24

🇧🇷 45.235.110.154

🇺🇸 40.124.175.234

🇷🇴 2.57.121.112

🇨🇳 222.89.25.236

🇩🇪 216.26.243.8

🇧🇷 205.210.31.251

🇩🇪 167.94.146.42

🇳🇬 165.154.10.201

🇸🇬 159.223.62.22

🇺🇸 147.185.132.28

🇺🇸 68.69.177.101

🇧🇷 45.205.1.192

🇩🇪 45.3.43.253