AbuseIPDB » 209.242.202.210
209.242.202.210 was found in our database!
This IP was reported 7 times. Confidence of
Abuse
is 4% : ?
ISP
HostRoyale LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS203020
Domain Name
hostroyale.com
Country
๐ฆ๐น
Austria
City
Fischamend, Lower Austria
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 209.242.202.210 :
This IP address has been reported a total of
7
times from
5 distinct
sources.
209.242.202.210 was first reported on
May 4th 2025 , and the most recent report was
48 minutes ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ซ๐ท
bigorre.org
2026-07-03 16:51:49
(48 minutes ago)
Excessive crawling : exceed crawl-delay defined in robots.txt
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-11-13 12:13:04
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.242.202.210 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 209.242.202.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 07:12:57.147524 2025] [security2:error] [pid 7575:tid 7575] [client 209.242.202.210:51705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.backup"] [unique_id "aRXLSSN1PvZ_6cV9emcUYAAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SCHAPPY
2025-08-27 22:10:06
(10 months ago)
IP was involved in L7 DDoS attack.
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-07-27 02:40:06
(11 months ago)
(mod_security) mod_security (id:221260) triggered by 209.242.202.210 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:221260) triggered by 209.242.202.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 22:40:03.978898 2025] [security2:error] [pid 872117:tid 872251] [client 209.242.202.210:35197] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||webdisk.staging.kettlehill.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.staging.kettlehill.com"] [uri "/cgi-bin/test"] [unique_id "aIWRg34Thc83i_H3CwXpJQAAAo4"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-07-23 18:32:59
(11 months ago)
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-05-29 17:15:15
(1 year ago)
(mod_security) mod_security (id:218420) triggered by 209.242.202.210 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:218420) triggered by 209.242.202.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 13:15:12.074538 2025] [security2:error] [pid 3045752:tid 3045752] [client 209.242.202.210:46123] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||ftp.farmers123.com|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "ftp.farmers123.com"] [uri "/cgi-bin/php-cgi.exe"] [unique_id "aDiWIGNSNK1ATIBd6mjIyAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-05-04 21:40:01
(1 year ago)
| Common web attack.
Hacking
SQL Injection
Web App Attack
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: