JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 206.206.64.61

206.206.64.61 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 18%: ?

18%

ISP	Colocation America Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13332
Domain Name	colocationamerica.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 206.206.64.61

Whois 206.206.64.61

IP Abuse Reports for 206.206.64.61:

This IP address has been reported a total of 27 times from 7 distinct sources. 206.206.64.61 was first reported on May 15th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-29 22:01:47 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-05-28 01:53:39 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 21:53:35.395113 2026] [security2:error] [pid 7858:tid 7858] [client 206.206.64.61:43231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rlharmongroup.com"] [uri "/.env.development.local"] [unique_id "ahegH6pUCpbtlNEuf9bcugAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 21:50:23 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 17:50:18.442590 2026] [security2:error] [pid 19888:tid 19888] [client 206.206.64.61:43219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.badwaterclaims.helpkccare.org"] [uri "/.env.development"] [unique_id "ahdnGpHRkIWHCacRErzTcgAAAAw"], referer: https://www.google.com/search?q=www.badwaterclaims.helpkccare.org show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 17:47:31 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:47:23.813051 2026] [security2:error] [pid 21855:tid 21855] [client 206.206.64.61:46481] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dosrios.com.mx\|F\|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dosrios.com.mx"] [uri "/config/master.key"] [unique_id "ahcuKzugoA_isogcxMO8yQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-27 17:10:09 (2 weeks ago)	Try to access /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 11:53:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 07:53:10.709970 2026] [security2:error] [pid 11401:tid 11401] [client 206.206.64.61:42631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.wilhelminas.biz"] [uri "/wp-config.php.save"] [unique_id "ahbbJonZkW8jCBZ3Vc7lzgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 00:58:29 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.206.64.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:58:22.355031 2026] [security2:error] [pid 21248:tid 21248] [client 206.206.64.61:49207] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|tatethegreat.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tatethegreat.com"] [uri "/backup.sql"] [unique_id "ahZBrt99laooQvYRZrjvaAAAAAA"], referer: https://www.google.com/search?q=tatethegreat.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-26 21:59:16 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-05-26	Web App Attack SSH Hacking
🇦🇺 oncord	2024-06-07 15:39:25 (2 years ago)	Form spam	Web Spam
🇺🇸 oncord	2024-06-04 16:09:00 (2 years ago)	Form spam	Web Spam
Anonymous	2024-06-03 17:09:15 (2 years ago)		Web Spam
🇦🇺 oncord	2024-06-03 00:31:00 (2 years ago)	Form spam	Web Spam
🇺🇸 oncord	2024-05-29 11:52:32 (2 years ago)	Form spam	Web Spam
🇦🇺 oncord	2024-05-28 02:03:42 (2 years ago)	Form spam	Web Spam
Anonymous	2024-05-26 16:22:12 (2 years ago)		Web Spam

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 217.60.241.103

🇧🇪 198.235.24.214

🇩🇪 194.88.98.113

🇷🇺 188.254.76.32

🇺🇸 157.230.184.110

🇫🇮 147.185.133.78

🇺🇸 147.185.132.253

🇷🇺 92.126.223.175

🇿🇦 82.26.245.14

🇸🇬 47.128.52.187

🇳🇱 45.148.10.141

🇧🇷 191.235.101.61

🇫🇷 173.212.228.191

🇳🇱 172.239.242.103

🇫🇮 147.185.133.41

🇺🇸 138.113.22.151

🇫🇷 51.68.34.131

🇹🇼 34.81.221.157

🇺🇸 206.232.103.38

🇧🇩 202.84.34.85