JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 220.134.18.112

220.134.18.112 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 57%: ?

57%

ISP	Chunghwa Telecom Data Communication Business Group
Usage Type	Fixed Line ISP
ASN	AS3462
Hostname(s)	220-134-18-112.hinet-ip.hinet.net
Domain Name	cht.com.tw
Country	🇹🇼 Taiwan
City	Taichung, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 220.134.18.112

Whois 220.134.18.112

IP Abuse Reports for 220.134.18.112:

This IP address has been reported a total of 16 times from 9 distinct sources. 220.134.18.112 was first reported on June 6th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 TheCoon	2026-06-13 21:30:01 (4 hours ago)	Automated: Honeypot scanner detected	Web App Attack Hacking
🇨🇭 4server	2026-06-13 21:20:48 (4 hours ago)	[SatJun1323:20:44.1522212026][security2:error][pid3066474:tid3066848][client220.134.18.112:0]ModSecu ... show more [SatJun1323:20:44.1522212026][security2:error][pid3066474:tid3066848][client220.134.18.112:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"cadvending.ch\"][uri\"/.git/HEAD\"][unique_id\"ai3JrCk8FjGxqPwc_3YRrgAAAAA\"] show less	Hacking Web App Attack
🇩🇪 4server	2026-06-13 20:50:26 (5 hours ago)	[SatJun1322:50:20.6231372026][security2:error][pid1650660:tid1650674][client220.134.18.112:0]ModSecu ... show more [SatJun1322:50:20.6231372026][security2:error][pid1650660:tid1650674][client220.134.18.112:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"akastudio.ch\"][uri\"/.git/HEAD\"][unique_id\"ai3CjPmn-lXPRicjG4j6pAAAAAE\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 14:14:33 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:14:26.983610 2026] [security2:error] [pid 21046:tid 21046] [client 220.134.18.112:58466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daveewalker.bz"] [uri "/.git/HEAD"] [unique_id "ai1lwvZOoA0PN_VjERARRgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 13:43:54 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:43:50.434490 2026] [security2:error] [pid 22458:tid 22458] [client 220.134.18.112:45650] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inwriting.buzz"] [uri "/.git/HEAD"] [unique_id "ai1eljlz7Zucimy3lXJ_9QAAAGc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 09:10:02 (16 hours ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 05:17:16 (20 hours ago)	(mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:17:12.544729 2026] [security2:error] [pid 13522:tid 13546] [client 220.134.18.112:39616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oconnorpest.biz"] [uri "/.git/HEAD"] [unique_id "aizn2IpldIV7tNyZ8LblBQAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 04:13:34 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:13:29.828665 2026] [security2:error] [pid 2812:tid 2812] [client 220.134.18.112:48560] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fastpc.biz"] [uri "/.git/HEAD"] [unique_id "aizY6Zz1EBSfRWtot5q2yQAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 03:57:07 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:57:01.496610 2026] [security2:error] [pid 848:tid 848] [client 220.134.18.112:58180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darrow.biz"] [uri "/.git/HEAD"] [unique_id "aizVDWJoJOlUnolL1OqtQQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 beon	2026-06-13 03:34:00 (22 hours ago)	[DateTime=>2026-06-13T03:34:00Z (UTC)] , [HoneyPot_Hit=>once] , [HoneyPot=>/.git/HEAD] , [total_Hit= ... show more [DateTime=>2026-06-13T03:34:00Z (UTC)] , [HoneyPot_Hit=>once] , [HoneyPot=>/.git/HEAD] , [total_Hit=>once] show less	Bad Web Bot Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-13 03:06:43 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 220.134.18.112 (220-134-18-112.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:06:38.650625 2026] [security2:error] [pid 12948:tid 12954] [client 220.134.18.112:51870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killasgarage.bike"] [uri "/.git/HEAD"] [unique_id "aizJPp6M2WPOejNPVF0EywAAAYM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-06-13 01:00:33 (1 day ago)	Git HEAD exposure probe	Web App Attack
🇧🇪 cmbplf	2026-06-13 00:34:16 (1 day ago)	540 requests with url.path .git/	Brute-Force Bad Web Bot
🇦🇺 2000cn.com.au	2026-06-12 20:43:50 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 mccsoft.io	2026-06-12 12:00:48 (1 day ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 165.227.32.151

🇸🇪 90.231.51.54

🇬🇧 81.130.236.152

🇮🇶 65.20.146.109

🇻🇪 206.0.188.161

🇧🇪 198.235.24.171

🇺🇸 184.105.139.70

🇻🇳 180.93.172.213

🇩🇪 164.92.130.48

🇧🇪 35.241.252.91

🇬🇧 35.203.211.80

🇧🇦 5.59.163.70

🇩🇪 213.209.159.227

🇧🇷 205.210.31.213

🇲🇽 187.226.42.208

🇨🇦 172.217.43.24

🇨🇳 120.92.105.170

🇻🇳 113.161.39.122

🇳🇱 91.92.40.8

🇵🇱 87.251.64.158