JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:6ea0:5501::24

2a02:6ea0:5501::24 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 48%: ?

48%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	datacamp.co.uk
Country	🇵🇪 Peru
City	Lima, Lima Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:6ea0:5501::24

Whois 2a02:6ea0:5501::24

IP Abuse Reports for 2a02:6ea0:5501::24:

This IP address has been reported a total of 15 times from 7 distinct sources. 2a02:6ea0:5501::24 was first reported on June 11th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 gumbysoft	2026-06-14 00:00:11 (7 hours ago)	Unauthorized web vulnerability scan (/.env, wordpress, etc.)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 23:28:42 (7 hours ago)	(mod_security) mod_security (id:949110) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:949110) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:28:35.213117 2026] [security2:error] [pid 10609:tid 10609] [client 2a02:6ea0:5501::24:57591] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "resilientpathconsulting.net"] [uri "/.env.production"] [unique_id "ai3no9YWe_lPQggn8nEkJwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 20:06:31 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:06:23.905711 2026] [security2:error] [pid 16110:tid 16110] [client 2a02:6ea0:5501::24:58042] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web37.dnchosting.com"] [uri "/.git/config"] [unique_id "ai24P6NCSvmQ3h7ZhV3VjwAAAFw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-06-13 19:06:32 (11 hours ago)	Triggered Cloudflare WAF (firewallManaged) from PE. Action taken: LOG Protocol: HTTP/1.1 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from PE. Action taken: LOG Protocol: HTTP/1.1 (GET method) Endpoint: /src/.env UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-13 08:59:21 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:59:13.877741 2026] [security2:error] [pid 32418:tid 32418] [client 2a02:6ea0:5501::24:54951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vexxarr.com"] [uri "/.env"] [unique_id "ai0b4fcJ1pFkfAd4EGEUcAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-12 22:01:34 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-11. show less	Web App Attack SSH Hacking
🇱🇻 garmtech.com	2026-06-12 16:18:04 (1 day ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.production	Web App Attack
🇺🇸 interbiznw.com	2026-06-12 10:30:00 (1 day ago)	fail2ban-ban	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 09:59:36 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 05:59:28.677267 2026] [security2:error] [pid 23577:tid 23577] [client 2a02:6ea0:5501::24:52956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.oowoah.com"] [uri "/.env.prod"] [unique_id "aivYgJO0qwCfpapcrDFzjwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-12 08:32:38 (1 day ago)	196 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-11 22:28:17 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:28:12.700398 2026] [security2:error] [pid 12623:tid 12623] [client 2a02:6ea0:5501::24:57597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watlab.com"] [uri "/.env"] [unique_id "ais2fCmbw1HI69-VcXXjyQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 22:01:19 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:01:13.975927 2026] [security2:error] [pid 17922:tid 17922] [client 2a02:6ea0:5501::24:51844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thevenicecafe.com"] [uri "/.env"] [unique_id "aiswKe0_pJGGnz8PnD-Q0wAAADM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-11 19:24:34 (2 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.local	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 16:43:48 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a02:6ea0:5501::24 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 12:43:40.160483 2026] [security2:error] [pid 25838:tid 25838] [client 2a02:6ea0:5501::24:62028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web92.dnchosting.com"] [uri "/.env"] [unique_id "airlvMqg9Yi6VFuCItnRLwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-11 16:07:05 (2 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.production	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:2:d1:0:1:63b0:3001

🇮🇳 223.233.85.110

🇩🇪 213.209.159.223

🇸🇬 198.55.97.72

🇹🇭 147.50.255.125

🇬🇧 109.152.142.158

🇺🇸 103.143.10.140

🇺🇸 71.6.135.131

🇫🇷 51.68.34.131

🇮🇳 45.43.45.254

🇺🇸 34.125.103.158

🇦🇱 31.171.153.3

🇬🇪 2.57.217.229

🇰🇷 222.118.170.176

🇰🇷 220.119.37.141

🇺🇸 204.220.180.62

🇺🇸 135.232.201.226

🇺🇸 107.174.13.66

🇬🇪 91.239.206.123

🇳🇱 88.210.63.69