JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 198.105.100.216

198.105.100.216 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 3%: ?

ISP	SYN LTD
Usage Type	Fixed Line ISP
ASN	AS64080
Domain Name	syn.uk
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 198.105.100.216

Whois 198.105.100.216

IP Abuse Reports for 198.105.100.216:

This IP address has been reported a total of 53 times from 13 distinct sources. 198.105.100.216 was first reported on March 4th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇪 AutosOnShow	2026-06-21 14:35:07 (5 days ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-21 14:34:18.163 \|	Web App Attack
🇮🇪 AutosOnShow	2026-06-18 02:15:06 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-18 02:14:26.799 \|	Web App Attack
🇨🇳 ThreatBook.io	2026-03-22 01:08:05 (3 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/198.105.100.216 2 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/198.105.100.216 2026-03-21 13:24:33 /,{"body":"0x%5B%5D=androxgh0st","content_type":"application/x-www-form-urlencoded","header":{"Accept":["/"],"Accept-Encoding":["gzip"],"Connection":["close"],"Content-Length":["20"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"]},"host":"44.243.95.195","method":"POST","proto":"HTTP/1.1","remote_addr":"198.105.100.216:48329","status_code":200,"url":"/","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"} 2026-03-21 13:24:33 /.env show less	Web App Attack
🇨🇳 ThreatBook.io	2026-03-21 01:07:19 (3 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/198.105.100.216 2 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/198.105.100.216 2026-03-20 04:09:10 /.env 2026-03-20 04:09:10 /,{"body":"0x%5B%5D=androxgh0st","content_type":"application/x-www-form-urlencoded","header":{"Accept":["/"],"Accept-Encoding":["gzip"],"Connection":["close"],"Content-Length":["20"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"]},"host":"44.243.95.195","method":"POST","proto":"HTTP/1.1","remote_addr":"198.105.100.216:34017","status_code":200,"url":"/","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"} show less	Web App Attack
Anonymous	2025-12-08 07:19:03 (6 months ago)	$f2bV_matches	Brute-Force
🇺🇸 ne1for23	2025-11-25 23:04:38 (7 months ago)	Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 198.105.100.216 - - [25/Nov/2025:23:04:38 +0000] "GET /.env HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" "-" show less	Hacking
🇮🇩 securejdprop	2025-10-09 14:52:59 (8 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to Hidden Environment File - Inbound). Ip 198.105.100.216 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2025-10-09 14:52:57.730205196 +0000 UTC show less	Web App Attack
🇸🇬 Charles	2025-09-20 04:11:51 (9 months ago)	198.105.100.216 - - [20/Sep/2025:12:11:49 +0800] "GET /.env HTTP/1.1" 404 5930 "-" "Mozilla/5.0 (Win ... show more 198.105.100.216 - - [20/Sep/2025:12:11:49 +0800] "GET /.env HTTP/1.1" 404 5930 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" ... show less	Web Spam Email Spam Brute-Force Bad Web Bot Web App Attack SSH
🇨🇴 j458rjqwi348fhjq46	2025-08-06 18:13:18 (10 months ago)	Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extende ... show more Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extended rules), Exposure of environment file (.env). Activity: 127 requests to 3 URLs. Period: 2025-08-06 12:08:55 - 2025-08-06 12:08:55 (America/Bogota). Origin: GB. Source: Automated WAF log analysis. show less	Hacking Web App Attack
🇨🇴 j458rjqwi348fhjq46	2025-07-22 17:46:03 (11 months ago)	Malicious IP detected by WAF with anomaly score 10.0. Attack types: Exposure of environment file (.e ... show more Malicious IP detected by WAF with anomaly score 10.0. Attack types: Exposure of environment file (.env), Suspicious URL detected (extended rules). Activity: 20 requests to 1 URLs. Period: 2025-07-20 10:46:48 - 2025-07-20 10:46:48 (America/Bogota). Origin: GB. Source: Automated WAF log analysis. show less	Hacking Web App Attack
🇮🇪 AutosOnShow	2025-07-19 20:37:06 (11 months ago)	blocked for webapp attack \| path requested: /.env \| seen at 2025-07-19 20:36:08.446 \|	Web App Attack
Anonymous	2025-03-02 01:56:24 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-21 04:01:17 (1 year ago)	ignores robots.txt	Bad Web Bot
Anonymous	2025-02-18 14:55:21 (1 year ago)	alibaba cloud ddos like web scan	Bad Web Bot
Anonymous	2025-02-11 08:30:54 (1 year ago)	Illegal actions on webapp	Hacking Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.252

🇳🇱 188.166.68.252

🇺🇸 162.216.150.102

🇲🇾 121.122.119.170

🇨🇳 119.53.253.2

🇰🇪 41.191.229.226

🇬🇧 35.203.210.130

🇺🇸 216.25.89.103

🇳🇱 195.178.110.30

🇷🇴 193.32.162.84

🇧🇷 191.185.78.17

🇻🇳 103.176.20.115

🇫🇷 95.111.234.72

🇨🇦 85.217.149.67

🇩🇪 46.249.98.62

🇩🇪 2.203.100.16

🇹🇼 198.235.24.43

🇳🇱 195.178.110.232

🇳🇱 192.42.116.114

🇨🇳 111.26.69.160