JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 151.243.109.204

151.243.109.204 was found in our database!

This IP was reported 385 times. Confidence of Abuse is 0%: ?

ISP	Kraken Network ISP LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209274
Domain Name	abuseradar.com
Country	🇳🇱 Netherlands
City	Kerkrade, Limburg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 151.243.109.204

Whois 151.243.109.204

IP Abuse Reports for 151.243.109.204:

This IP address has been reported a total of 385 times from 122 distinct sources. 151.243.109.204 was first reported on January 27th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 sc user	2026-04-20 05:53:50 (1 month ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇬🇧 sc user	2026-04-18 04:26:11 (2 months ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇧🇪 cmbplf	2026-04-17 18:49:52 (2 months ago)	134 requests with url.path *.env	Brute-Force Bad Web Bot
Anonymous	2026-04-17 18:03:57 (2 months ago)	(mod_security) mod_security triggered on hostname [redacted] 151.243.109.204 (NL/Netherlands/-)	SQL Injection
🇺🇸 Epimetheus	2026-04-17 17:50:59 (2 months ago)	Unauthorized access attempts: [GET] /.env [GET] /.env [GET] /.env UA: Mozilla/5.0 (Windows NT 10.0 ... show more Unauthorized access attempts: [GET] /.env [GET] /.env [GET] /.env UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇮 oh.mg	2026-04-17 17:45:06 (2 months ago)	[Fri Apr 17 19:45:04.806857 2026] [security2:error] [pid 3305946:tid 3305985] [client 151.243.109.20 ... show more [Fri Apr 17 19:45:04.806857 2026] [security2:error] [pid 3305946:tid 3305985] [client 151.243.109.204:51500] [client 151.243.109.204] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.on.ca.cdn.cloudflare.net"] [uri "/.env"] [unique_id "aeJxoLSr7MC02si8hKvGjwAAAQo"] [Fri Apr 17 19:45:04.893139 2026] [security2:error] [pid 3305946:tid 3305994] [client 151.243.109.204:44960] [client 151.243.109.204] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_ ... show less	Web App Attack Bad Web Bot
🇫🇷 Baking333	2026-04-17 17:40:27 (2 months ago)	[redacted] 151.243.109.204 - - [17/Apr/2026:18:40:25 +0100] "GET /.env HTTP/1.1" 302 5317 0/102233 " ... show more [redacted] 151.243.109.204 - - [17/Apr/2026:18:40:25 +0100] "GET /.env HTTP/1.1" 302 5317 0/102233 "http://[redacted]/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 151.243.109.204 - - [17/Apr/2026:18:40:25 +0100] "GET / HTTP/1.1" 200 8074 0/269059 "https://[redacted]/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-04-17 17:07:32 (2 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇳🇱 Site.eu	2026-04-17 15:50:28 (2 months ago)	Excessive multi-domain requests	Brute-Force
🇲🇾 Rizzy	2026-04-17 15:40:50 (2 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇬🇧 sc user	2026-04-15 15:46:05 (2 months ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇺🇸 ambor	2026-04-14 19:06:53 (2 months ago)	Honeypot triggered on tcpdata.com - Attempted to access /.env (config_file_probe). User-Agent: Mozil ... show more Honeypot triggered on tcpdata.com - Attempted to access /.env (config_file_probe). User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
Anonymous	2026-04-14 03:04:34 (2 months ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Clou ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Cloud secrets probing show less	Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-04-13 15:19:36 (2 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇨🇭 4server	2026-04-13 13:47:04 (2 months ago)	[MonApr1315:47:00.7558752026][security2:error][pid2557054:tid2557068][client151.243.109.204:0]ModSec ... show more [MonApr1315:47:00.7558752026][security2:error][pid2557054:tid2557068][client151.243.109.204:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"342\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"allegrafamiglia.ch\"][uri\"/.env\"][unique_id\"adzz1L1UFlISNHjFqWWEcAAAAEw\"] show less	Hacking Web App Attack

Showing 1 to 15 of 385 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.246.240.162

🇺🇸 69.73.187.130

🇷🇺 62.60.187.138

🇳🇱 51.15.59.186

🇳🇱 45.148.10.151

🇺🇸 20.163.34.54

🇨🇳 223.68.7.235

🇵🇱 194.180.48.34

🇷🇴 193.32.162.92

🇷🇴 80.94.92.187

🇱🇹 77.90.185.80

🇧🇷 45.184.47.88

🇳🇱 45.148.10.157

🇺🇸 20.163.34.41

🇺🇸 20.163.33.220

🇺🇸 216.25.89.77

🇳🇱 152.42.142.128

🇳🇱 77.91.71.11

🇺🇸 20.163.32.79

🇺🇸 20.163.32.78