JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 206.206.64.215

206.206.64.215 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 0%: ?

ISP	Hype Enterprises
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Domain Name	hype.enterprises
Country	🇺🇸 United States of America
City	Santa Monica, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 206.206.64.215

Whois 206.206.64.215

IP Abuse Reports for 206.206.64.215:

This IP address has been reported a total of 10 times from 5 distinct sources. 206.206.64.215 was first reported on September 13th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 02:48:23 (4 months ago)	(mod_security) mod_security (id:218420) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:218420) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:48:18.420076 2026] [security2:error] [pid 1535:tid 1983] [client 206.206.64.215:34035] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "staging.kettlehill.com"] [uri "/cgi-bin/php-cgi.exe"] [unique_id "aXgncrZfoZ-BogEqpvEkCQAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-18 00:16:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 19:16:12.670578 2026] [security2:error] [pid 7898:tid 7898] [client 206.206.64.215:56447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htpasswd" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.htpasswd"] [unique_id "aWwmTJUyE0t-pNgTCAGEEAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 09:39:19 (6 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 12:18:29 (7 months ago)	(mod_security) mod_security (id:221260) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 07:18:22.975105 2025] [security2:error] [pid 14357:tid 14357] [client 206.206.64.215:58799] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|ftp.nbcnewsradio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/cgi-bin/test"] [unique_id "aRXMjqYBeqYwALnrsWoXgwAAABQ"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-26 23:14:08 (10 months ago)	(mod_security) mod_security (id:221260) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 19:09:02.969623 2025] [security2:error] [pid 19500:tid 19525] [client 206.206.64.215:44643] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|ftp.kettlehill.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/debug.cgi"] [unique_id "aIVgDi-82AcwFY0KVGEYuQAAAFI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:16:38 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:15:22.703487 2025] [security2:error] [pid 2952526:tid 2952526] [client 206.206.64.215:59743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/.env.www"] [unique_id "aDiIGsD1BVuUw3DCHjCfPgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dayda.net	2025-05-22 06:18:52 (1 year ago)	gf_page=randomstring	Bad Web Bot
🇺🇸 TPI-Abuse	2025-02-28 21:23:27 (1 year ago)	(mod_security) mod_security (id:212620) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 206.206.64.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 16:22:11.964197 2025] [security2:error] [pid 23561:tid 23691] [client 206.206.64.215:47943] [client 206.206.64.215] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|mail.kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /oauth/idp/logout?post_logout_redirect_uri=<script>console.log(`xss`)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "mail.kettlehill.net"] [uri "/oauth/idp/logout"] [unique_id "Z8IpA3jWG_hpP6e9uUo5_gAAAoU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-01-17 15:51:13 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇳🇱 Roderic	2024-09-13 22:10:16 (1 year ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 206.206.64.215 ( ... show more (apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 206.206.64.215 (US/United States/-) show less	Hacking

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:80d:1008::96

🇨🇳 222.186.68.154

🇰🇷 203.232.73.12

🇺🇸 195.184.76.133

🇺🇸 181.177.80.113

🇧🇷 179.184.241.69

🇨🇦 142.44.225.179

🇮🇳 125.19.159.186

🇺🇸 104.234.53.167

🇮🇳 103.136.137.73

🇮🇩 103.100.84.116

🇨🇳 101.126.53.14

🇫🇷 91.231.89.117

🇫🇷 91.231.89.62

🇺🇸 20.163.15.91

🇬🇧 198.244.183.245

🇬🇧 185.91.69.164

🇺🇸 172.191.239.155

🇺🇸 172.104.27.129

🇨🇳 171.36.14.76