JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0e:97c0:3e3:5b2::1

2a0e:97c0:3e3:5b2::1 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 51%: ?

51%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58087
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0e:97c0:3e3:5b2::1

Whois 2a0e:97c0:3e3:5b2::1

IP Abuse Reports for 2a0e:97c0:3e3:5b2::1:

This IP address has been reported a total of 13 times from 8 distinct sources. 2a0e:97c0:3e3:5b2::1 was first reported on June 10th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-14 11:24:30 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 pscriptos	2026-06-14 10:31:31 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch	Web App Attack
🇳🇱 Mangelot Hosting	2026-06-14 00:22:27 (1 day ago)	(php_susp_dir) srv103 PHP in suspicious dir 2a0e:97c0:3e3:5b2::1 (DE/Germany/-): 1 in the last 3600 ... show more (php_susp_dir) srv103 PHP in suspicious dir 2a0e:97c0:3e3:5b2::1 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 20:55:52 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:55:42.250531 2026] [security2:error] [pid 1936:tid 1936] [client 2a0e:97c0:3e3:5b2::1:37954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.intergalactichuman.com.mroxygen.org"] [uri "/.env"] [unique_id "ai3Dzlps-BVnlt2XwqbmpQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-13 16:26:14 (2 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.production	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 15:38:02 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:37:54.426275 2026] [security2:error] [pid 31796:tid 31796] [client 2a0e:97c0:3e3:5b2::1:37486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dance4ovations.com"] [uri "/.env.production"] [unique_id "ai15UoulN-Zg3ry-HUy3SAAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:14:20 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:14:07.964737 2026] [security2:error] [pid 2385:tid 2385] [client 2a0e:97c0:3e3:5b2::1:42304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lawson-insurance.com"] [uri "/.env.local"] [unique_id "aiz1L2pnrapzsOTNIH2zKQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 23:21:12 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 19:21:02.292951 2026] [security2:error] [pid 29450:tid 29470] [client 2a0e:97c0:3e3:5b2::1:45708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.barnett-ranch.mailporte.com"] [uri "/.env.old"] [unique_id "aiyUXv_2jm1FKVBoKl6jowAAAA4"], referer: https://www.google.com/search?q=www.barnett-ranch.mailporte.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 20:16:59 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:5b2::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 16:16:52.324151 2026] [security2:error] [pid 4358:tid 4358] [client 2a0e:97c0:3e3:5b2::1:38390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dc406.net"] [uri "/.env"] [unique_id "aixpNMvoiwP20ddGnrqa_QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-06-12 19:09:24 (3 days ago)	HTTP vulnerability scanning	Web App Attack
Anonymous	2026-06-12 19:00:30 (3 days ago)	Scanning/Probing activity detected.	Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-12 00:33:50 (3 days ago)	(modsecurity) srv201 ModSecurity 2a0e:97c0:3e3:5b2::1 (DE/Germany/-): 10 in the last 3600 secs; Port ... show more (modsecurity) srv201 ModSecurity 2a0e:97c0:3e3:5b2::1 (DE/Germany/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-10 22:04:13 (5 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.42.116.103

🇧🇷 187.58.66.231

🇺🇸 147.185.132.216

🇨🇳 111.9.47.89

🇬🇧 86.167.201.135

🇨🇦 85.217.149.19

🇺🇸 71.6.232.23

🇮🇪 34.253.115.72

🇺🇸 23.172.217.77

🇺🇸 195.184.76.69

🇫🇷 178.32.213.235

🇫🇮 147.185.133.191

🇫🇷 144.91.121.253

🇺🇸 136.107.186.11

🇸🇬 128.199.231.249

🇺🇸 104.21.83.228

🇺🇸 66.132.195.100

🇮🇪 34.245.56.73

🇮🇳 13.233.255.172

🇧🇪 198.235.24.220