JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 206.232.2.117

206.232.2.117 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 20%: ?

20%

ISP	Aventice LLC
Usage Type	Fixed Line ISP
ASN	AS11572
Domain Name	aventice.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 206.232.2.117

Whois 206.232.2.117

IP Abuse Reports for 206.232.2.117:

This IP address has been reported a total of 19 times from 7 distinct sources. 206.232.2.117 was first reported on November 23rd 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-04 22:58:22 (3 days ago)	Fail2Ban banned 206.232.2.117 for security violations in jail nginx-aggressive. Log: 2026/06/04 22:5 ... show more Fail2Ban banned 206.232.2.117 for security violations in jail nginx-aggressive. Log: 2026/06/04 22:58:20 [crit] SSL_read() failed (SSL: error:0A00010B:SSL routines::wrong version number error:0A000139:SSL routines::record layer failure) while keepalive, client: 206.232.2.117, server: [REDACTED] 2026/06/04 22:58:22 [crit] SSL_read() failed (SSL: error:0A00010B:SSL routines::wrong version number error:0A000139:SSL routines::record layer failure) while keepalive, client: 206.232.2.117, server: [REDACTED] ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 21:59:39 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 17:59:32.532495 2026] [security2:error] [pid 12618:tid 12618] [client 206.232.2.117:56737] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.holgerfeld.com:80\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.holgerfeld.com"] [uri "/mailto:[email protected]"] [unique_id "ahyvRCezJm-qXupOE5sRZAAAAAI"], referer: http://www.holgerfeld.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-19 11:08:15 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:14-08.206.232.2.117	Web App Attack
🇱🇻 garmtech.com	2026-05-10 02:38:38 (4 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-38.206.232.2.117.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-38.206.232.2.117.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 12:57:21 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 08:57:16.357629 2026] [security2:error] [pid 50920:tid 50920] [client 206.232.2.117:63005] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.CapitalSwissCorp.com:80\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.capitalswisscorp.com"] [uri "/mailto:[email protected]"] [unique_id "ad45rEIRa2rH5FK5STD7vwAAAAU"], referer: http://www.CapitalSwissCorp.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-03-23 23:29:08 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-29.206.232.2.117.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-29.206.232.2.117.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-03-20 17:45:12 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-45.206.232.2.117.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-45.206.232.2.117.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-20 06:51:57 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:51:50.615559 2026] [security2:error] [pid 17602:tid 17602] [client 206.232.2.117:29649] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|CapitalSwissCorp.com:80\|F\|2"] [data "[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capitalswisscorp.com"] [uri "/mailto:[email protected]"] [unique_id "abzuhl9AFewRO_h9S8Kd1gAAAAc"], referer: http://CapitalSwissCorp.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-20 05:56:08 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-56.206.232.2.117.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-56.206.232.2.117.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇫🇷 tilellit.pro	2026-01-24 16:00:27 (4 months ago)	Fail2Ban banned 206.232.2.117 for security violations in jail nginx-aggressive. Log: 2026/01/24 16:0 ... show more Fail2Ban banned 206.232.2.117 for security violations in jail nginx-aggressive. Log: 2026/01/24 16:00:22 [crit] SSL_read() failed (SSL: error:0A00010B:SSL routines::wrong version number error:0A000139:SSL routines::record layer failure) while keepalive, client: 206.232.2.117, server: [REDACTED] 2026/01/24 16:00:26 [crit] SSL_read() failed (SSL: error:0A00010B:SSL routines::wrong version number error:0A000139:SSL routines::record layer failure) while keepalive, client: 206.232.2.117, server: [REDACTED] ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 16:55:49 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 11:55:43.188516 2026] [security2:error] [pid 19686:tid 19686] [client 206.232.2.117:54489] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.televisonic.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.televisonic.com"] [uri "/mailto:[email protected]"] [unique_id "aXJWj0N0ZbcEc0nhmHMrwAAAABI"], referer: https://www.televisonic.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-04 09:40:31 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 206.232.2.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 04 04:40:27.101536 2026] [security2:error] [pid 20998:tid 21022] [client 206.232.2.117:56163] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|greencitymethods.com:80\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greencitymethods.com"] [uri "/mailto:[email protected]"] [unique_id "aVo1i1wB8Yy8jxGqaJiv3AAAAJY"], referer: http://greencitymethods.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-04-23 09:15:46 (1 year ago)	WP Login Scan Activities	Web App Attack
🇧🇪 voormedia	2025-04-04 20:40:33 (1 year ago)	Accessed trap at '/wp-login.php'	Web App Attack
Anonymous	2025-03-01 01:07:34 (1 year ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.216.145.185

🇨🇳 180.153.236.225

🇨🇳 180.76.179.77

🇨🇳 110.177.178.201

🇮🇳 103.5.134.18

🇳🇱 89.21.67.176

🇨🇦 85.217.149.74

🇳🇱 45.148.10.152

🇳🇱 45.148.10.141

🇺🇸 34.162.210.192

🇺🇸 34.162.146.71

🇰🇷 34.64.107.179

🇨🇳 183.191.123.21

🇨🇳 183.185.111.60

🇺🇸 162.158.186.226

🇺🇸 66.132.195.44

🇨🇳 42.239.125.68

🇯🇵 34.97.221.51

🇮🇳 14.195.24.147

🇺🇸 2603:3026:431:9900:78ac:5512:17f1:b0dc