This IP address has been reported a total of
116
times from
51 distinct
sources.
43.131.253.151 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
43.131.253.151 - - [02/Jul/2026:15:02:52 +0200] "GET /config HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Win ...
show more43.131.253.151 - - [02/Jul/2026:15:02:52 +0200] "GET /config HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
43.131.253.151 - - [02/Jul/2026:15:02:52 +0200] "GET /.env HTTP/1.1" 403 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
43.131.253.151 - - [02/Jul/2026:15:02:52 +0200] "GET /.env.local HTTP/1.1" 403 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
43.131.253.151 - - [02/Jul/2026:15:02:53 +0200] "GET /.env.production HTTP/1.1" 403 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
43.131.253.151 - - [02/Jul/2026:15:02:53 +0200] "GET /.env.development HTTP/1.1" 403 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebK
...
show less
[ThuJul0212:00:00.1138502026][security2:error][pid419603:tid419789][client43.131.253.151:0]ModSecuri ...
show more[ThuJul0212:00:00.1138502026][security2:error][pid419603:tid419789][client43.131.253.151:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.bozza.flyingberber.com\"][uri\"/backup/.env\"][unique_id\"akY2oBgZwHbVe_-zzDSjxQAAAMQ\"]
show less
Automated ban via infra-monitor: suspicious-probe, mgmt-path-probe, crowdsecurity/http-sensitive-fil ...
show moreAutomated ban via infra-monitor: suspicious-probe, mgmt-path-probe, crowdsecurity/http-sensitive-files
show less
CrowdSec: Ip 43.131.253.151 performed 'crowdsecurity/http-sensitive-files' (5 events over 426.829594 ...
show moreCrowdSec: Ip 43.131.253.151 performed 'crowdsecurity/http-sensitive-files' (5 events over 426.829594ms) at 2026-07-02 09:22:15.104688296 +0000 UTC (scenario: crowdsecurity/http-sensitive-files)
show less