AbuseIPDB » 2400:cb00:73:1000:2539:cb3:72ed:2f60

2400:cb00:73:1000:2539:cb3:72ed:2f60 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Important Note: 2400:cb00:73:1000:2539:cb3:72ed:2f60 is an IP address from within our whitelist belonging to the subnet 2400:cb00::/32, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 2400:cb00:73:1000:2539:cb3:72ed:2f60

Whois 2400:cb00:73:1000:2539:cb3:72ed:2f60

IP Abuse Reports for 2400:cb00:73:1000:2539:cb3:72ed:2f60:

This IP address has been reported a total of 6 times from 1 distinct source. 2400:cb00:73:1000:2539:cb3:72ed:2f60 was first reported on January 8th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
TPI-Abuse	2025-06-10 07:42:00 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): ... show more(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 10 03:41:54.093043 2025] [security2:error] [pid 3774461:tid 3774461] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60:34366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rodrigoaldecoa.com"] [uri "/.env"] [unique_id "aEfhwswd4Rug5LiVZGhs2gAAAAQ"], referer: http://rodrigoaldecoa.com/.env show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-05-16 18:02:54 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): ... show more(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 16 14:02:50.200321 2025] [security2:error] [pid 948704:tid 948704] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60:22970] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pixacast.com"] [uri "/staging/.env"] [unique_id "aCd9yt4FxnvhJzzFdtXFkQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-04-22 15:53:13 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): ... show more(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 22 11:53:09.506952 2025] [security2:error] [pid 28222:tid 28222] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60:40682] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ard.global"] [uri "/demo/.env"] [unique_id "aAe7ZUEXaFdoXR73X7q3OAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-02-28 14:03:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): ... show more(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 09:03:22.260765 2025] [security2:error] [pid 5237:tid 5237] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60:51014] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globetechsecurities.com"] [uri "/app_dev.php/_profiler/open"] [unique_id "Z8HCKrLd09u-KBVLDuSwqAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-01-18 05:00:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): ... show more(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 18 00:00:16.214778 2025] [security2:error] [pid 23827:tid 23827] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60:9134] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pixacast.com"] [uri "/crm/.env"] [unique_id "Z4s1YPJlD74f-0GAGzwEogAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-01-08 00:30:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): ... show more(mod_security) mod_security (id:210492) triggered by 2400:cb00:73:1000:2539:cb3:72ed:2f60 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 07 19:29:55.647164 2025] [security2:error] [pid 29849:tid 29849] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60:33586] [client 2400:cb00:73:1000:2539:cb3:72ed:2f60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ard.global"] [uri "/.env.production"] [unique_id "Z33HA033R_c90Oo-p3AG7QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

125.125.237.154

117.207.121.160

91.196.152.189

80.94.95.116

45.156.129.92

111.243.82.210

222.189.2.98

199.45.154.177

20.3.253.156

161.132.37.66

185.177.239.129

122.150.150.132

185.121.235.184

194.163.164.14

193.32.162.103

154.12.177.3

205.210.31.195

5.161.61.91

87.106.229.106

49.232.221.43