This IP address has been reported a total of
34
times from
23 distinct
sources.
34.163.13.245 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show moreAuto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-11.
show less
{"ClientAddr":"172.71.232.10:9445","ClientHost":"34.163.13.245","ClientPort":"9445","ClientUsername" ...
show more{"ClientAddr":"172.71.232.10:9445","ClientHost":"34.163.13.245","ClientPort":"9445","ClientUsername":"-","DownstreamContentSize":14,"DownstreamStatus":404,"Duration":64263329,"GzipRatio":0,"OriginContentSize":0,"OriginDuration":23466102,"OriginStatus":0,"Overhead":40797227,"RequestAddr":"ha.timvdberg.dev","RequestContentSize":0,"RequestCount":1177,"RequestHost":"ha.timvdberg.dev","RequestMethod":"GET","RequestPath":"/actuator/logfile","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"RouterName":"ha@file","ServiceAddr":"192.168.178.26:8123","ServiceName":"ha-svc@file","ServiceURL":"http://192.168.178.26:8123/","StartLocal":"2026-06-11T11:57:22.667575761Z","StartUTC":"2026-06-11T11:57:22.667575761Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"https","level":"info","msg":"","request_Cf-Connecting-Ip":"34.163.13.245","request_X-Forwarded-For":"34.163.13.245","request_X-Real-Ip":"172.71.232.10","time":"2026-06-11T11:57:2
...
show less
FortiGate detected DOS attack from IPv4 address 34.163.13.245
DDoS Attack
Anonymous
Multiple web server 400 error codes from same source ip
Web App Attack
Anonymous
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Event ...
show moreIncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Events=5; Hosts=www.incognet.io; Paths=/.aws/config,/.aws/credentials,/.docker/config.json,/config/.aws/credentials,/dump.sql; Country=FR; ASN=396982 GOOGLE-CLOUD-PLATFORM
show less
Hacking
Web App Attack
Anonymous
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Co ...
show moreIncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Country=FR; ASN=396982 GOOGLE-CLOUD-PLATFORM
show less
{"level":"info","ts":1781080152.3659077,"logger":"http.log.access.log1","msg":"handled request","req ...
show more{"level":"info","ts":1781080152.3659077,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.163.13.245","remote_port":"33260","client_ip":"34.163.13.245","proto":"HTTP/1.1","method":"GET","host":"wvuupdate.mlkjihgfedcbaupdate.987654321update.dgnvuwww.www.www.www.status.quarks-erp.com","uri":"/actuator/configprops","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 9; Mi A1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Mobile Safari/537.36"]}},"bytes_read":0,"user_id":"","duration":0.000093609,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://wvuupdate.mlkjihgfedcbaupdate.987654321update.dgnvuwww.www.www.www.status.quarks-erp.com/actuator/configprops"],"Content-Type":[],"Server":["Caddy"]}}
{"level":"info","ts":1781080152.3702679,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.163.13.245","remote_
...
show less
DDoS Attack
Web App Attack
Anonymous
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-probing; Action=ban; Events=11; Ho ...
show moreIncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-probing; Action=ban; Events=11; Hosts=www.incognet.io; Paths=/_profiler/open,/_profiler/phpinfo,/appsettings.json,/config.env,/credentials.json,/credentials.yaml,/credentials.yml,/secrets.env; Country=FR; ASN=396982 GOOGLE-CLOUD-PLATFORM
show less
Port Scan
Web App Attack
Anonymous
[Wed Jun 10 07:32:51.586964 2026] [authz_core:error] [pid 529895:tid 529895] [client 34.163.13.245:4 ...
show more[Wed Jun 10 07:32:51.586964 2026] [authz_core:error] [pid 529895:tid 529895] [client 34.163.13.245:41392] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/actuator
[Wed Jun 10 07:32:51.588056 2026] [authz_core:error] [pid 529945:tid 529945] [client 34.163.13.245:41390] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/actuator
[Wed Jun 10 07:32:51.594710 2026] [authz_core:error] [pid 529938:tid 529938] [client 34.163.13.245:41408] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/actuator
[Wed Jun 10 07:32:51.605561 2026] [authz_core:error] [pid 529901:tid 529901] [client 34.163.13.245:41414] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/actuator
[Wed Jun 10 07:32:51.613931 2026] [authz_core:error] [pid 529936:tid 529936] [client 34.163.13.245:41424] AH01630: client denied by server configuration: /var/www/erp.alien.net.au/htdocs/actuator
...
show less
Brute-Force
Anonymous
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-crawl-non_statics; Action=ban; Eve ...
show moreIncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-crawl-non_statics; Action=ban; Events=44; Hosts=_; Paths=/app/settings.php,/backend/settings.py,/config/app.php,/config/cache.php,/config/mail.php,/config/services.php; Country=FR; ASN=396982 GOOGLE-CLOUD-PLATFORM
show less