JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.104.234.151

172.104.234.151 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 50%: ?

50%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	172-104-234-151.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.104.234.151

Whois 172.104.234.151

IP Abuse Reports for 172.104.234.151:

This IP address has been reported a total of 34 times from 31 distinct sources. 172.104.234.151 was first reported on November 10th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 piticu iuli	2026-06-01 14:24:24 (3 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 172.104.234.151 (DE/Germany/172-104-234 ... show more (mod_security) mod_security triggered on hostname [redacted] 172.104.234.151 (DE/Germany/172-104-234-151.ip.linodeusercontent.com) show less	SQL Injection
🇮🇳 Mr.Singh	2026-06-01 03:30:13 (3 weeks ago)	NFT blocked 172.104.234.151 after 11 rejections on 01-Jun-2026.	Port Scan Brute-Force
🇩🇪 sdos.es	2026-06-01 00:37:04 (3 weeks ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
🇷🇴 andreighitan	2026-06-01 00:00:00 (3 weeks ago)	Coordinated Linode/Akamai DevOps secrets harvesting against 84.46.253.134. Targeted Terraform state ... show more Coordinated Linode/Akamai DevOps secrets harvesting against 84.46.253.134. Targeted Terraform state files + wp-config.php. ZAC Bayern ref BY0257-500359-26/8. show less	Brute-Force
🇨🇦 martenmark	2026-05-31 11:39:44 (3 weeks ago)	172.104.234.151 - - [31/May/2026:11:39:43 +0000] "GET /.aws/credentials.bak HTTP/1.1" 403 3923 "-" " ... show more 172.104.234.151 - - [31/May/2026:11:39:43 +0000] "GET /.aws/credentials.bak HTTP/1.1" 403 3923 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-05-28 11:09:56 (4 weeks ago)	$f2bV_matches	Brute-Force Web App Attack
🇫🇷 COMAITE	2026-05-28 07:06:44 (4 weeks ago)	Suspicious URL access.	Web App Attack
🇺🇸 jfz-abuse	2026-05-28 03:36:01 (4 weeks ago)	fail2ban: apache-php-recon ...	Web App Attack
🇺🇸 oukat	2026-05-27 12:45:47 (1 month ago)	Web bot / web application probing against nginx	Bad Web Bot Web App Attack
🇩🇪 tentwentyfour	2026-05-26 20:26:48 (1 month ago)	172.104.234.151 - - [26/May/2026:22:26:39 +0200] "GET /.env.json HTTP/1.1" 404 187 "-" "Mozilla/5.0 ... show more 172.104.234.151 - - [26/May/2026:22:26:39 +0200] "GET /.env.json HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.104.234.151 - - [26/May/2026:22:26:40 +0200] "GET /.github/workflows/deploy.yml HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.104.234.151 - - [26/May/2026:22:26:42 +0200] "GET /.env.example HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.104.234.151 - - [26/May/2026:22:26:47 +0200] "GET /.env.staging HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.104.234.151 - - [26/May/2026:22:26:47 +0200] "GET /.env.test HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Ch ... show less	Brute-Force Web App Attack
🇫🇮 agaesteves	2026-05-26 08:30:32 (1 month ago)	[SISHIPISMO 360] TipoAtaque.PATH_PROBE \| Acesso a path suspeito: /config/database.yml \| Paths: /conf ... show more [SISHIPISMO 360] TipoAtaque.PATH_PROBE \| Acesso a path suspeito: /config/database.yml \| Paths: /config/database.yml \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Sa show less	Web App Attack
🇧🇪 voormedia	2026-05-24 13:20:43 (1 month ago)	Accessed trap at '/config/secrets.yml'	Web App Attack
🇩🇪 strxmpp	2026-05-23 16:21:42 (1 month ago)	172.104.234.151 - - [23/May/2026:18:21:41 +0200] "GET /app/aws/config.js HTTP/1.1" 404 495 "-" "Mozi ... show more 172.104.234.151 - - [23/May/2026:18:21:41 +0200] "GET /app/aws/config.js HTTP/1.1" 404 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Bad Web Bot
🇧🇷 Vieira Filho	2026-05-23 08:53:35 (1 month ago)	172.104.234.151 - - [23/May/2026:05:53:34 -0300] [35.198.31.82] "35.198.31.82" "GET /config/aws.php ... show more 172.104.234.151 - - [23/May/2026:05:53:34 -0300] [35.198.31.82] "35.198.31.82" "GET /config/aws.php HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000 172.104.234.151 - - [23/May/2026:05:53:34 -0300] [35.198.31.82] "35.198.31.82" "GET /static/aws-config.js HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000 172.104.234.151 - - [23/May/2026:05:53:34 -0300] [35.198.31.82] "35.198.31.82" "GET /settings.json.bak HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000 172.104.234.151 - - [23/May/2026:05:53:35 -0300] [35.198.31.82] "35.198.31.82" "GET /app/routes/aws.js HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000 172.104.234.151 ... show less	Brute-Force Web App Attack Exploited Host
🇺🇸 cwytech	2026-05-23 05:22:11 (1 month ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: crowdsecurity/http-probing.	Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 178.20.210.152

🇺🇸 162.241.239.241

🇺🇸 155.94.145.131

🇺🇸 147.185.132.37

🇵🇭 138.84.100.155

🇺🇦 91.206.200.153

🇳🇱 81.19.216.87

🇺🇸 57.141.20.35

🇺🇸 52.176.211.73

🇮🇱 38.64.218.252

🇮🇩 2404:c0:c201:e7ae:b800:9a76:f288:5aec

🇺🇸 216.24.219.219

🇪🇸 207.188.151.115

🇲🇳 202.21.125.44

🇧🇷 200.123.237.111

🇨🇳 183.134.92.194

🇫🇮 147.185.133.14

🇯🇴 79.173.216.196

🇮🇳 49.43.5.120

🇬🇧 35.203.211.93