JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 204.217.145.213

204.217.145.213 was found in our database!

This IP was reported 105 times. Confidence of Abuse is 100%: ?

100%

ISP	Aventice LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	aventice.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 204.217.145.213

Whois 204.217.145.213

IP Abuse Reports for 204.217.145.213:

This IP address has been reported a total of 105 times from 82 distinct sources. 204.217.145.213 was first reported on April 5th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-09 10:33:13 (3 days ago)	HEAD /auth.json HTTP/1.1	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 21:59:48 (4 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇺🇸 EvilTurkey	2026-06-08 18:45:55 (4 days ago)	Web app attack against financial institution website.	Web App Attack Hacking
🇩🇪 FeG Deutschland	2026-06-08 15:04:35 (4 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇵🇱 dzpk	2026-06-08 14:28:46 (4 days ago)	[08/Jun/2026:16:28:06 +0200] 178092888683.369873 204.217.145.213 42561 HOST 80 [08/Jun/2026:16:28:17 ... show more [08/Jun/2026:16:28:06 +0200] 178092888683.369873 204.217.145.213 42561 HOST 80 [08/Jun/2026:16:28:17 +0200] 178092889786.546941 204.217.145.213 35793 HOST 80 [08/Jun/2026:16:28:45 +0200] 178092892556.560528 204.217.145.213 45581 HOST 80 show less	Web App Attack
🇨🇦 ISPLtd	2026-06-08 13:32:00 (4 days ago)	HEAD /.env.swp HEAD /.env.staging HEAD /.env.example HEAD /blog/wp-config.php HEAD /appsettings. ... show more HEAD /.env.swp HEAD /.env.staging HEAD /.env.example HEAD /blog/wp-config.php HEAD /appsettings.Development.json HEAD /settings/production.py HEAD /.yarnrc.yml show less	Web App Attack Hacking
🇪🇸 el-brujo	2026-06-08 12:33:19 (4 days ago)	Cloudflare WAF: Request Path: /config.yml.swp Request Query: Host: foro.elhacker.net userAgent: Moz ... show more Cloudflare WAF: Request Path: /config.yml.swp Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected]) Action: block Source: firewallManaged ASN Description: M247 Europe SRL Country: GB Method: HEAD Timestamp: 2026-06-08T12:33:19Z ruleId: c04705c7adee4ce3a763bd5e18135e0c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇧🇪 voormedia	2026-06-08 12:31:31 (4 days ago)	Accessed trap at '/.git/config'	Web App Attack
🇫🇷 bazter.pro	2026-06-08 12:07:52 (4 days ago)	Auto-Ban [2026-06-08 15:07:43]: CRITICAL: .env attack; DC: Aventice LLC [Paths: 20] \| Details: Explo ... show more Auto-Ban [2026-06-08 15:07:43]: CRITICAL: .env attack; DC: Aventice LLC [Paths: 20] \| Details: Exploit trap paths: /dump.sql, /.env.swp, /.env.staging.swp \| Sensitive files/paths: /web.config.swp, /.configuration.php.swp, /.configuration.php.swp, /config.yaml.swp, /dump.sql \| 404 errors (16): /local_settings.py.swp, /web.config.swp, /kubernetes.yaml, /include/config.php, /.configuration.php.swp, /.env.swp, /configuration.php.swp, /.settings.php.swp, /application/config/database.php, /META-INF/persistence.xml (and 5 more) \| 403 errors (3): /config.yaml.swp, /.configuration.php.swp, /dump.sql \| Other paths: /app/settings.py, /azure-pipelines.yml, /terraform.tfvars show less	Web App Attack Hacking
🇫🇷 Coco Bongo	2026-06-08 11:53:08 (4 days ago)	204.217.145.213 [redacted].contaboserver.net (9009-M247 Europe SRL United Kingdom London) - - [08/Ju ... show more 204.217.145.213 [redacted].contaboserver.net (9009-M247 Europe SRL United Kingdom London) - - [08/Jun/2026:13:51:46 +0200] "HEAD /.env.backup HTTP/1.1" 404 0 "-" "Mozilla/5.0 (compatible; WhiteWebSecur ... show less	Bad Web Bot Web App Attack
🇫🇷 LoneRider	2026-06-08 11:35:36 (4 days ago)	[08/Jun/2026:13:34:51.652930 +0200] aiao266Z4HqZ_Xoc5LNUWgAAAAE 204.217.145.213 35912 127.0.0.1 7081 ... show more [08/Jun/2026:13:34:51.652930 +0200] aiao266Z4HqZ_Xoc5LNUWgAAAAE 204.217.145.213 35912 127.0.0.1 7081 [08/Jun/2026:13:35:09.231548 +0200] aiao7Y-xeAltHsBMp0xX5gAAAAM 204.217.145.213 40646 127.0.0.1 7081 [08/Jun/2026:13:35:35.781895 +0200] aiapB9Da2VrX0-nEf8ILwwAAAAk 204.217.145.213 42942 127.0.0.1 7081 ... show less	Hacking
🇫🇷 masterguru	2026-06-08 11:25:13 (4 days ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .compositefont/ .config/ .conf/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .scr/ .sct/ .shs/ .sql/ .swp/ .sys/ .tlb/ .tmp/ .url/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-196) show less	Hacking
🇬🇧 ISPLtd	2026-06-08 11:21:17 (4 days ago)	204.217.145.213 [08/Jun/2026:08:17:01 -0300] claire.target.domain:443 URL:/.git/config "HEAD /.git/c ... show more 204.217.145.213 [08/Jun/2026:08:17:01 -0300] claire.target.domain:443 URL:/.git/config "HEAD /.git/config 204.217.145.213 [08/Jun/2026:08:21:17 -0300] claire.target.domain:80 URL:/.aws/credentials "HEAD /.aws/credentials ... show less	Hacking Web App Attack
🇫🇮 as211431.net	2026-06-08 10:59:11 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from GB. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD meth ... show more Triggered Cloudflare WAF (firewallCustom) from GB. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD method) Endpoint: /project/settings.py UA: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected]) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 omartin	2026-06-08 10:52:03 (4 days ago)	HTTP Vulnerability Scanning / Bot Probing	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 105 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.83.130.207

🇮🇹 151.115.167.163

🇭🇰 114.111.54.189

🇷🇺 46.163.144.31

🇨🇭 34.65.130.136

🇺🇸 18.97.19.137

🇨🇳 223.91.28.76

🇨🇳 203.56.46.78

🇫🇷 85.217.140.18

🇺🇸 70.37.89.177

🇺🇸 44.120.218.185

🇺🇸 23.92.27.206

🇮🇳 223.181.35.134

🇰🇷 220.118.173.234

🇩🇪 213.209.159.56

🇲🇽 187.191.48.9

🇺🇸 165.154.202.95

🇳🇱 45.148.10.157

🇺🇸 44.218.129.225

🇪🇸 31.24.155.180