JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.109.200.215

192.109.200.215 was found in our database!

This IP was reported 1,687 times. Confidence of Abuse is 100%: ?

100%

ISP	Telco power Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51396
Domain Name	telcopower.eu
Country	🇩🇪 Germany
City	Aachen, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.109.200.215

Whois 192.109.200.215

IP Abuse Reports for 192.109.200.215:

This IP address has been reported a total of 1,687 times from 508 distinct sources. 192.109.200.215 was first reported on April 5th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-04-07 05:14:01 (1 month ago)	17 attacks on env grabbing URLs, password grabbing URLs, PHP URLs: GET /config/.env HTTP/1.1 GET /.a ... show more 17 attacks on env grabbing URLs, password grabbing URLs, PHP URLs: GET /config/.env HTTP/1.1 GET /.aws/credentials HTTP/1.1 GET /php_version.php HTTP/1.1 show less	Hacking Web App Attack
🇫🇷 dynamix	2026-04-07 05:10:20 (1 month ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-04-07 05:08:26 (1 month ago)	192.109.200.215 detected on srv01	Brute-Force
🇫🇷 Baking333	2026-04-07 04:52:09 (1 month ago)	[redacted] 192.109.200.215 - - [07/Apr/2026:05:52:07 +0100] "GET /phpinfo HTTP/1.1" 302 5287 0/16793 ... show more [redacted] 192.109.200.215 - - [07/Apr/2026:05:52:07 +0100] "GET /phpinfo HTTP/1.1" 302 5287 0/167931 "http://[redacted]/phpinfo" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 192.109.200.215 - - [07/Apr/2026:05:52:08 +0100] "GET / HTTP/1.1" 200 7929 0/123812 "https://[redacted]/phpinfo" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" show less	Bad Web Bot Web App Attack
🇧🇪 taivas.nl	2026-04-07 04:32:23 (1 month ago)	Many_bad_calls	Web App Attack
🇬🇧 consul.to	2026-04-07 03:54:27 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 bescared	2026-04-07 03:33:44 (1 month ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack
🇸🇪 SkyDancer	2026-04-07 03:14:17 (1 month ago)	Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by ... show more Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-7 show less	Hacking Brute-Force SSH
🇩🇪 Skyrider	2026-04-07 02:35:36 (1 month ago)	crowdsecurity/http-probing	Hacking
Anonymous	2026-04-07 01:29:37 (1 month ago)	192.109.200.215 - - [07/Apr/2026:03:29:33 +0200] "GET /phpinfo HTTP/1.1" 404 49604 192.109.200.215 - ... show more 192.109.200.215 - - [07/Apr/2026:03:29:33 +0200] "GET /phpinfo HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:33 +0200] "GET /test.php HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:34 +0200] "GET /_profiler/phpinfo HTTP/1.1" 404 49603 192.109.200.215 - - [07/Apr/2026:03:29:34 +0200] "GET /info.php HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:34 +0200] "GET /php.php HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:34 +0200] "GET /php_info.php HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:34 +0200] "GET /i.php HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:35 +0200] "GET /pi.php HTTP/1.1" 404 49604 192.109.200.215 - - [07/Apr/2026:03:29:35 +0200] "GET /pinfo.php HTTP/1.1" 404 49603 192.109.200.215 - - [07/Apr/2026:03:29:35 +0200] "GET /php_version.php HTTP/1.1" 404 49603 ... show less	Web Spam Web App Attack
Anonymous	2026-04-07 00:41:21 (1 month ago)	[Tue Apr 07 02:41:20.671191 2026] [authz_core:error] [pid 24701] [client 192.109.200.215:64973] AH01 ... show more [Tue Apr 07 02:41:20.671191 2026] [authz_core:error] [pid 24701] [client 192.109.200.215:64973] AH01630: client denied by server configuration: /etc/httpd/htdocs [Tue Apr 07 02:41:20.685455 2026] [authz_core:error] [pid 24701] [client 192.109.200.215:64973] AH01630: client denied by server configuration: /etc/httpd/htdocs [Tue Apr 07 02:41:20.699424 2026] [authz_core:error] [pid 24701] [client 192.109.200.215:64973] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇮🇩 ipkindonesia-csirt	2026-04-06 23:52:10 (1 month ago)	Brute-force Exploit Bot	Brute-Force Web App Attack
🇩🇪 gadix	2026-04-06 23:35:08 (1 month ago)	[07/Apr/2026:01:35:06.908982 +0200] adRDKp1bcCR0-L__kZ66SwAAAAE 192.109.200.215 54638 127.0.0.1 7081 ... show more [07/Apr/2026:01:35:06.908982 +0200] adRDKp1bcCR0-L__kZ66SwAAAAE 192.109.200.215 54638 127.0.0.1 7081 [07/Apr/2026:01:35:06.946719 +0200] adRDKuZPsxYf9tPKPreDOAAAAAA 192.109.200.215 54654 127.0.0.1 7081 [07/Apr/2026:01:35:06.985298 +0200] adRDKsYzCcMxOBdZTb_m2AAAAAQ 192.109.200.215 54660 127.0.0.1 7081 ... show less	Web App Attack
🇫🇷 SpaceHost-Server	2026-04-06 22:31:04 (1 month ago)		Brute-Force Web App Attack
🇺🇸 myagent.site	2026-04-06 22:06:42 (1 month ago)	Blocking for trying to access an exploit file: /phpinfo.php	Hacking

Showing 1606 to 1620 of 1687 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 210.79.142.221

🇺🇸 162.216.149.203

🇺🇸 150.136.214.177

🇳🇱 91.92.42.162

🇨🇦 38.49.217.60

🇺🇸 18.97.26.16

🇷🇺 5.255.231.27

🇹🇷 212.68.38.69

🇺🇸 209.90.232.26

🇰🇷 203.142.160.143

🇬🇧 193.163.125.5

🇧🇷 177.207.250.1

🇳🇱 134.209.89.52

🇮🇹 93.92.74.132

🇩🇪 82.21.56.100

🇫🇮 65.109.96.73

🇸🇬 47.84.107.210

🇳🇱 34.34.62.109

🇩🇪 213.209.159.59

🇨🇳 182.242.169.64