JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.109.200.215

192.109.200.215 was found in our database!

This IP was reported 1,701 times. Confidence of Abuse is 100%: ?

100%

ISP	Telco power Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51396
Domain Name	telcopower.eu
Country	🇩🇪 Germany
City	Aachen, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.109.200.215

Whois 192.109.200.215

IP Abuse Reports for 192.109.200.215:

This IP address has been reported a total of 1,701 times from 509 distinct sources. 192.109.200.215 was first reported on April 5th 2026, and the most recent report was 5 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇿🇦 slartybartfast69420blazit	2026-06-01 20:19:00 (2 days ago)	Fail2ban picked up 192.109.200.215 attacking nginx	Web App Attack
Anonymous	2026-06-01 20:07:15 (2 days ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
Anonymous	2026-06-01 19:20:07 (2 days ago)	192.109.200.215 - - [01/Jun/2026:19:20:07 +0000] "GET /.aws/credentials HTTP/1.1" 404 6963 "http://a ... show more 192.109.200.215 - - [01/Jun/2026:19:20:07 +0000] "GET /.aws/credentials HTTP/1.1" 404 6963 "http://amo.rocks/.aws/credentials" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Brute-Force Web App Attack
🇩🇪 ITSNF	2026-06-01 19:15:07 (2 days ago)	Blocked by OPNsense firewall; 219 hits, proto=tcp, ports=80	Port Scan Hacking
🇨🇭 beatsnet.com	2026-06-01 18:34:44 (2 days ago)	[Mon Jun 01 20:34:43.574691 2026] [proxy_fcgi:error] [pid 23949:tid 6452238977040] [client 192.109.2 ... show more [Mon Jun 01 20:34:43.574691 2026] [proxy_fcgi:error] [pid 23949:tid 6452238977040] [client 192.109.200.215:55929] AH01071: Got error 'Primary script unknown' [Mon Jun 01 20:34:43.621824 2026] [proxy_fcgi:error] [pid 23949:tid 6452238977040] [client 192.109.200.215:55929] AH01071: Got error 'Primary script unknown' [Mon Jun 01 20:34:43.693049 2026] [proxy_fcgi:error] [pid 23949:tid 6452238977040] [client 192.109.200.215:55929] AH01071: Got error 'Primary script unknown' [Mon Jun 01 20:34:43.729078 2026] [proxy_fcgi:error] [pid 23949:tid 6452238977040] [client 192.109.200.215:55929] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Web App Attack
🇺🇸 Victor López	2026-06-01 18:31:59 (2 days ago)	videoprenatal.com 192.109.200.215 - - [01/Jun/2026:13:31:56 -0500] "GET /.env HTTP/2.0" 404 15881 "h ... show more videoprenatal.com 192.109.200.215 - - [01/Jun/2026:13:31:56 -0500] "GET /.env HTTP/2.0" 404 15881 "http://videoprenatal.com/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" videoprenatal.com 192.109.200.215 - - [01/Jun/2026:13:31:57 -0500] "GET /.env.example HTTP/2.0" 404 15886 "http://videoprenatal.com/.env.example" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" videoprenatal.com 192.109.200.215 - - [01/Jun/2026:13:31:58 -0500] "GET /.env.local HTTP/2.0" 404 15882 "http://videoprenatal.com/.env.local" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Hacking Web App Attack
🇫🇮 kumiko	2026-06-01 17:44:37 (2 days ago)	[2026-06-01 20:44:37] Probing for dotfiles "GET /.aws/credentials HTTP/1.1" 301	Bad Web Bot Web App Attack
Anonymous	2026-06-01 16:20:07 (2 days ago)	$f2bV_matches	Brute-Force Web App Attack
🇬🇧 Axel	2026-06-01 14:52:02 (2 days ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇩🇪 pscriptos	2026-06-01 14:49:51 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing	Web App Attack Hacking
Anonymous	2026-06-01 13:37:56 (2 days ago)	2026-06-01 15:37:55,214 fail2ban.actions [629]: NOTICE [apache-php-scans] Ban 192.109.200.21 ... show more 2026-06-01 15:37:55,214 fail2ban.actions [629]: NOTICE [apache-php-scans] Ban 192.109.200.215 2026-06-01 15:37:55,219 fail2ban.actions [629]: NOTICE [apache-noscript] Ban 192.109.200.215 2026-06-01 15:37:55,476 fail2ban.actions [629]: NOTICE [apache-custom] Ban 192.109.200.215 ... show less	Brute-Force Web App Attack
🇫🇷 dwmp	2026-06-01 11:29:17 (3 days ago)	[01/Jun/2026:13:29:06.324751 +0200] ah1tAk821wEsecd1wX8G4QAAAA4 192.109.200.215 48978 38.242.227.117 ... show more [01/Jun/2026:13:29:06.324751 +0200] ah1tAk821wEsecd1wX8G4QAAAA4 192.109.200.215 48978 38.242.227.117 7081 [01/Jun/2026:13:29:11.350621 +0200] ah1tB-AZwX8qfXibYQ4d-gAAAFU 192.109.200.215 48980 38.242.227.117 7081 [01/Jun/2026:13:29:17.270902 +0200] ah1tDfAZwX8qfXibYQ4d-wAAAEA 192.109.200.215 48982 38.242.227.117 7081 ... show less	Brute-Force SSH
🇫🇷 ✨	2026-06-01 07:40:04 (3 days ago)	Domain : gestioncgt.es Rule : hack 2026-06-01 07:38:37 *hidden-privacy* GET /php_info.php - 80 - ... show more Domain : gestioncgt.es Rule : hack 2026-06-01 07:38:37 *hidden-privacy* GET /php_info.php - 80 - 192.109.200.215 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 - gestioncgt.es 301 0 0 531 203 47 - - show less	Hacking SQL Injection Brute-Force
🇦🇱 router.al	2026-06-01 07:04:41 (3 days ago)	06/01/2026-07:04:41.181655 192.109.200.215 Protocol: 6 ET WEB_SERVER WEB-PHP phpinfo access	Port Scan
🇫🇷 masterguru	2026-06-01 05:48:04 (3 days ago)	Restricted File Access Attempt. Matched phrase ".aws/credentials" at REQUEST_FILENAME. (930130-143)	Hacking Web App Attack

Showing 91 to 105 of 1701 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.128.15.127

🇩🇪 217.154.173.63

🇺🇸 216.180.246.11

🇭🇰 199.45.154.185

🇲🇦 196.64.101.232

🇹🇭 159.192.73.218

🇺🇸 137.184.235.90

🇰🇷 118.33.113.91

🇳🇿 103.75.11.133

🇷🇴 92.118.39.236

🇭🇰 47.239.228.232

🇲🇽 45.134.9.27

🇹🇿 41.59.64.96

🇮🇳 210.212.136.3

🇺🇸 208.84.100.132

🇨🇱 179.61.103.116

🇺🇸 146.190.140.242

🇨🇳 123.163.253.80

🇵🇭 112.208.179.228

🇺🇸 107.0.200.227