JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 207.180.249.63

207.180.249.63 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 16%: ?

16%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	m12063.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 207.180.249.63

Whois 207.180.249.63

IP Abuse Reports for 207.180.249.63:

This IP address has been reported a total of 14 times from 8 distinct sources. 207.180.249.63 was first reported on March 6th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-21 12:02:09 (1 month ago)	Web attack	Bad Web Bot Web App Attack
Anonymous	2026-04-20 00:22:02 (1 month ago)	Malicious activity detected	Hacking Web App Attack
🇩🇪 Live Home Cams	2026-04-19 02:22:19 (1 month ago)	WebApp brute force attack detected. Multiple file scanning attempts from 207.180.249.63. Detected by ... show more WebApp brute force attack detected. Multiple file scanning attempts from 207.180.249.63. Detected by fail2ban. show less	Web App Attack Brute-Force
🇷🇺 DZBOT	2026-04-15 21:56:12 (1 month ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 07:09:11 (1 month ago)	(mod_security) mod_security (id:217291) triggered by 207.180.249.63 (m12063.contaboserver.net): 1 in ... show more (mod_security) mod_security (id:217291) triggered by 207.180.249.63 (m12063.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 03:09:03.706366 2026] [security2:error] [pid 3684488:tid 3684488] [client 207.180.249.63:43216] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n\|\\\\r)" at ARGS_NAMES:\\r\\nfromwhere. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)\|\|furballproductions.org\|F\|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr\\x5cnfromwhere: \\x0d\\x0afromwhere"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "furballproductions.org"] [uri "/g12privacy.php"] [unique_id "ad3oD1EhTQBNYYY5LD1aJwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-04-13 00:12:53 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-04-04 14:20:03 (2 months ago)	Malicious activity detected	Hacking Web App Attack
🇮🇹 Progetto1	2026-03-31 13:25:02 (2 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 12:01:47 (2 months ago)	(mod_security) mod_security (id:244780) triggered by 207.180.249.63 (m12063.contaboserver.net): 1 in ... show more (mod_security) mod_security (id:244780) triggered by 207.180.249.63 (m12063.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 08:01:41.938621 2026] [security2:error] [pid 8900:tid 9002] [client 207.180.249.63:45608] ModSecurity: Access denied with code 403 (phase 2). String match "identification.php" at REQUEST_BASENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6912"] [id "244780"] [rev "1"] [msg "COMODO WAF: Open redirect vulnerability in Piwigo 2.9 and probably prior versions (CVE-2017-9464)\|\|www.forestancestry.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.forestancestry.com"] [uri "/identification.php"] [unique_id "acUgJQtv-98bkaP--NHFVQAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Vano Ganzzz	2026-03-26 06:35:37 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from FR. Action taken: BLOCK ASN: 51167 (CONTABO) Protocol ... show more Triggered Cloudflare WAF (firewallCustom) from FR. Action taken: BLOCK ASN: 51167 (CONTABO) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-03-26T06:35:37Z Ray ID: 9e2422e99f3ed3b0 UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 show less	Bad Web Bot
Anonymous	2026-03-25 19:17:39 (2 months ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2026-03-24 14:21:33 (2 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-03-23 09:11:28 (2 months ago)	(mod_security) mod_security (id:217291) triggered by 207.180.249.63 (m12063.contaboserver.net): 1 in ... show more (mod_security) mod_security (id:217291) triggered by 207.180.249.63 (m12063.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 05:11:22.009045 2026] [security2:error] [pid 22855:tid 22855] [client 207.180.249.63:38110] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n\|\\\\r)" at ARGS_NAMES:\\r\\nfromwhere. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)\|\|furballproductions.org\|F\|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr\\x5cnfromwhere: \\x0d\\x0afromwhere"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "furballproductions.org"] [uri "/g12privacy.php"] [unique_id "acEDukdIU7C7oR5moXq0yQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-06 21:59:22 (3 months ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 120.28.109.188

🇧🇷 205.210.31.162

🇫🇮 194.124.210.127

🇬🇧 193.163.125.89

🇧🇷 190.115.84.25

🇨🇳 175.175.147.155

🇨🇳 125.76.228.194

🇨🇳 113.200.170.150

🇨🇳 112.32.126.179

🇺🇸 107.167.34.125

🇩🇪 85.192.31.14

🇺🇸 74.7.242.22

🇩🇪 62.133.60.87

🇰🇷 59.26.132.170

🇺🇸 44.193.121.88

🇯🇵 212.32.76.26

🇺🇸 205.210.31.6

🇺🇸 54.144.185.255

🇮🇳 49.43.241.11

🇺🇸 44.46.219.210