JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.197.74.130

138.197.74.130 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 47%: ?

47%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Clifton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.197.74.130

Whois 138.197.74.130

IP Abuse Reports for 138.197.74.130:

This IP address has been reported a total of 28 times from 22 distinct sources. 138.197.74.130 was first reported on May 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-05-27 11:38:33 (2 weeks ago)	SecLedge detected suspicious activity. Score: 69.48. Sensor: T-Pot.	Brute-Force
🇫🇷 Fasetech	2026-05-23 01:14:58 (3 weeks ago)	SecLedge detected suspicious activity. Score: 69.48. Sensor: T-Pot.	Brute-Force
🇮🇳 evicky2002	2026-05-20 04:30:47 (3 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=99, sources=1)	Hacking Brute-Force SSH
🇫🇷 Fasetech	2026-05-17 18:03:18 (4 weeks ago)	SecLedge detected suspicious activity. Score: 69.48. Sensor: T-Pot.	Brute-Force
🇫🇷 Fasetech	2026-05-16 00:43:59 (4 weeks ago)	SecLedge detected suspicious activity. Score: 69.48. Sensor: T-Pot.	Brute-Force
🇺🇸 drewf.ink	2026-05-12 03:12:45 (1 month ago)	[03:12] Port scanning. Port(s) scanned: TCP/8008	Port Scan
🇫🇷 Security_Whaller	2026-05-12 03:07:31 (1 month ago)	Malicious activity detected on Honeypot.	Brute-Force Hacking Web App Attack
🇩🇪 Roper123	2026-05-12 03:04:22 (1 month ago)	Web exploits	Web App Attack
🇹🇷 0xi	2026-05-12 03:00:51 (1 month ago)	Malicious scanning and attack activity detected (543 attempts). Targeted ports: 8280, 8501, 8014, 80 ... show more Malicious scanning and attack activity detected (543 attempts). Targeted ports: 8280, 8501, 8014, 80. Triggered sensors: P0f, Suricata, Honeytrap, Fatt, Tanner. Observed via distributed honeypot network. show less	Port Scan
🇹🇷 Threat.live	2026-05-12 03:00:14 (1 month ago)	Suspicious Connection Attempts	Brute-Force
🇫🇮 ngonghillsbikers	2026-05-12 03:00:12 (1 month ago)	Date: 12/May/2026:05:50:24.802206 +0300 \| Reported IP: 138.197.74.130 mod_security \| id: 920350 9301 ... show more Date: 12/May/2026:05:50:24.802206 +0300 \| Reported IP: 138.197.74.130 mod_security \| id: 920350 930130 949110 980170 920440 \| US/group.my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; Warning. Pattern match; Warning. Pattern match; Warning. Pattern match; Warning. Pattern match; Warning. Pattern match; Warning. Unconditional match in SecAction. [file; Warning. Unconditional match in SecAction. [file; Warning. Unconditional match in SecAction. [file; Warning. Unconditional match in SecAction. [file; Warning. Unconditional match in SecAction. [file; Warning. String match within; Warning. Matched phrase; Warning. Matched phrase; Warning. Matched phrase; Warning. Matched phrase; Warning. Matched phrase; Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file; Access denied with code 403 (phase 2). Operator GE matched 5 at show less	SQL Injection Brute-Force Bad Web Bot
🇫🇷 masterguru	2026-05-12 02:54:40 (1 month ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-196)	Hacking Bad Web Bot
🇫🇷 YF	2026-05-12 02:25:13 (1 month ago)	Environment file probe	Web App Attack
🇺🇸 Starburst SysOp Team	2026-05-11 22:14:03 (1 month ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇺🇸 RogueAutomata	2026-05-11 22:06:07 (1 month ago)	Detected malicious request: GET /docker-compose.yml Detections triggered: Access via IP addr (v4)	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.8.222.67

🇳🇱 212.34.146.152

🇰🇷 211.221.196.103

🇰🇷 175.203.199.118

🇮🇩 157.20.144.221

🇸🇦 141.179.6.162

🇨🇳 125.47.206.198

🇨🇩 102.216.240.61

🇮🇩 93.185.162.10

🇵🇱 78.88.230.100

🇳🇱 45.148.10.141

🇩🇪 43.157.53.115

🇹🇷 38.60.255.39

🇫🇷 31.36.163.95

🇻🇳 14.163.3.153

🇨🇳 223.66.44.196

🇺🇸 208.84.100.192

🇧🇷 205.210.31.200

🇩🇪 193.228.139.227

🇨🇳 183.197.178.37