JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.99.234.27

167.99.234.27 was found in our database!

This IP was reported 98 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	North Bergen, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.99.234.27

Whois 167.99.234.27

IP Abuse Reports for 167.99.234.27:

This IP address has been reported a total of 98 times from 49 distinct sources. 167.99.234.27 was first reported on December 18th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-02 17:40:31 (1 day ago)	Honeypot [uk-production01]: MSSQL traffic (on 1433) without login credentials	Port Scan
🇩🇪 D3RP4UL	2026-06-02 14:23:21 (1 day ago)	Unauthorized traffic on 3306/mysqld	Port Scan
🇦🇺 LiftUp Hosting	2026-06-02 14:22:01 (1 day ago)	Honeypot hit: HTTP/1.1 request on 5984 GET /cgi-bin/authLogin.cgi User-Agent: Go-http-client/1.1; 5 ... show more Honeypot hit: HTTP/1.1 request on 5984 GET /cgi-bin/authLogin.cgi User-Agent: Go-http-client/1.1; 5984 [12] TCP show less	Hacking Bad Web Bot
🇩🇪 EnthecSolutions	2026-06-02 14:00:52 (1 day ago)	Detected by Enthec Solutions. \| Attempts: 118 in 24h \| Target port: 5984	Port Scan Hacking
🇹🇷 Squearex	2026-06-02 12:04:46 (1 day ago)	Automated ban by SCUMUnified Shield. Honeypot Trap Triggered (Decoy Port 27017)	Brute-Force SSH
🇺🇸 SuperCores Hosting	2026-06-02 11:44:13 (1 day ago)	[2026-06-02 11:44:13.667973] TELNET/8080 Unautorized connection, Suspicious Mirai Botnet.	IoT Targeted Brute-Force Hacking Port Scan DDoS Attack
🇬🇧 gbzret4d	2026-06-02 11:33:59 (1 day ago)	Honeypot [uk-production01]: Unauthorized traffic (27 bytes of payload); 8883 [2] TCP	Port Scan
Anonymous	2026-06-02 10:48:18 (1 day ago)	Automated Report: Fail2Ban block triggered by docker-postgres jail.	Brute-Force SSH
Anonymous	2026-06-02 10:32:52 (1 day ago)	Honeypot hit: HTTP/1.1 request on 9301 GET /solr/admin/info/system User-Agent: Go-http-client/1.1; ... show more Honeypot hit: HTTP/1.1 request on 9301 GET /solr/admin/info/system User-Agent: Go-http-client/1.1; 9301 [8] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇩🇪 banankicks	2026-06-02 09:09:04 (1 day ago)	Unauthorized connection attempt detected from IP address 167.99.234.27 to port 5432 (banankicks-serv ... show more Unauthorized connection attempt detected from IP address 167.99.234.27 to port 5432 (banankicks-server) [M] show less	Brute-Force Exploited Host
🇦🇺 LiftUp Hosting	2026-06-02 08:03:57 (1 day ago)	Honeypot hit: HTTP/1.1 request on 2181 GET /query?q=SHOW+DIAGNOSTICS User-Agent: Go-http-client/1.1 ... show more Honeypot hit: HTTP/1.1 request on 2181 GET /query?q=SHOW+DIAGNOSTICS User-Agent: Go-http-client/1.1; 2181 [6] TCP show less	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-06-02 07:42:11 (1 day ago)	Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDI ... show more Honeypot detection: Redis unauthorized access / data extraction attempt on port 6379. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇱🇺 SiteXL	2026-06-02 07:18:04 (1 day ago)	{"event":{"DateTime":"2026-06-02T07:10:17Z","RemoteAddr":"167.99.234.27:42192","Protocol":"TCP","Com ... show more {"event":{"DateTime":"2026-06-02T07:10:17Z","RemoteAddr":"167.99.234.27:42192","Protocol":"TCP","Command":"GET /v2/_catalog HTTP/1.1\r\nHost: 192.98.123.11:3306\r\nUser-Agent: Go-http-client/1.1\r\nConnection: close\r\n\r\n","CommandOutput":"","Status":"Stateless","Msg":"New TCP attempt","ID":"9d5ce8c7-f905-4664-8990-79d93d61721e","Environ":"","User":"","Password":"","Client":"","Headers":"","HeadersMap":null,"Cookies":"","UserAgent":"","HostHTTPRequest":"","Body":"","HTTPMethod":"","RequestURI":"","Description":"Mysql 8.0.29","SourceIp":"167.99.234.27","SourcePort":"42192","TLSServerName":"","Handler":""},"level":"info","msg":"New Event","status":"Stateless"} {"event":{"DateTime":"2026-06-02T07:10:17Z","RemoteAddr":"167.99.234.27:42204","Protocol":"TCP","Command":"GET /cgi-bin/authLogin.cgi HTTP/1.1\r\nHost: 192.98.123.11:3306\r\nUser-Agent: Go-http-client/1.1\r\nConnection: close\r\n\r\n","CommandOutput":"","Status":"Stateless","Msg":"New TCP attempt","ID":"e2dc36de-d70e-445f-aa69-faba3983b976","Environ":"" show less	Hacking Port Scan Brute-Force
🇩🇪 D3RP4UL	2026-06-02 07:12:54 (1 day ago)	HTTP/1.1 request on 11211 GET / User-Agent: Mozilla/5.0 (compatible; Odin; https://docs.getodin.com ... show more HTTP/1.1 request on 11211 GET / User-Agent: Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/) Accept: / Accept-Encoding: gzip; 11211 [8] TCP show less	Hacking Bad Web Bot
🇨🇦 dpinse	2026-06-02 06:40:20 (1 day ago)	Honeypot [honeypot-ca-sensor1]: MSSQL traffic (on 1433) without login credentials	Port Scan

Showing 31 to 45 of 98 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.149

🇻🇳 160.191.54.27

🇭🇳 45.190.184.32

🇮🇩 36.88.164.114

🇧🇪 198.235.24.209

🇩🇪 194.187.176.132

🇬🇧 193.163.125.138

🇨🇳 183.166.94.133

🇺🇸 173.244.60.241

🇵🇰 153.117.40.237

🇭🇰 152.32.213.68

🇭🇰 152.32.212.149

🇺🇸 143.110.207.86

🇨🇳 115.190.153.156

🇫🇷 91.231.89.253

🇱🇹 81.30.98.144

🇹🇷 78.180.1.147

🇺🇸 67.85.146.216

🇳🇱 64.225.74.178

🇩🇪 46.101.142.214