JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0e:97c0:3e3:873::1

2a0e:97c0:3e3:873::1 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 71%: ?

71%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58087
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0e:97c0:3e3:873::1

Whois 2a0e:97c0:3e3:873::1

IP Abuse Reports for 2a0e:97c0:3e3:873::1:

This IP address has been reported a total of 15 times from 13 distinct sources. 2a0e:97c0:3e3:873::1 was first reported on June 21st 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 05:08:32 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:08:18.993193 2026] [security2:error] [pid 5230:tid 5230] [client 2a0e:97c0:3e3:873::1:3198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cabrynpoodles.com"] [uri "/.env.save"] [unique_id "ajy3wkd4uaFwMBloUlEJFgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-25 04:09:20 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 00:54:13 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:54:02.895333 2026] [security2:error] [pid 2127:tid 2127] [client 2a0e:97c0:3e3:873::1:31984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgewakim.net"] [uri "/.env.dev"] [unique_id "ajx8KnhJUUuIeBBWv6zX4AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-24 21:45:07 (4 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇳🇱 e.fierstra	2026-06-24 18:15:58 (5 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 Enno	2026-06-24 17:27:38 (5 days ago)	P04::Fail2Ban: automated bot scanning / credential probing detected.	Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-22 22:03:34 (6 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-21. show less	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-06-22 16:40:56 (1 week ago)	144 requests with url.path *config.json	Brute-Force Bad Web Bot
🇬🇧 Aetherweb Ark	2026-06-22 14:54:23 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 2a0e:97c0:3e3:873::1 (Unknown): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 2a0e:97c0:3e3:873::1 (Unknown): N in the last X secs show less	Web App Attack
🇫🇷 dynamix	2026-06-22 14:13:03 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 13:07:17 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 09:07:10.463589 2026] [security2:error] [pid 22180:tid 22180] [client 2a0e:97c0:3e3:873::1:22238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.springb.mordesign1.com"] [uri "/.env.local"] [unique_id "ajkzfv3Enya4UvSUqH9rfQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-22 11:55:40 (1 week ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2a0e:97c0:3e3:873::1 (CH/Switzerland/-): ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2a0e:97c0:3e3:873::1 (CH/Switzerland/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2a0e:97c0:3e3:873::1 - - [22/Jun/2026:13:55:35 +0200] "HEAD /.aws/credentials HTTP/1.1" 200 0 "https://www.google.com/search?q=insegnesolution.emmeccisolution.it" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" "-" host=insegnesolution.emmeccisolution.it 2a0e:97c0:3e3:873::1 - - [22/Jun/2026:13:55:35 +0200] "HEAD /secrets.json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.6422.113 Mobile Safari/537.36" "-" host=insegnesolution.emmeccisolution.it show less	Port Scan
🇩🇪 HandyTreff.de	2026-06-21 21:57:41 (1 week ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -53.229 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -53.229 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) show less	Web App Attack Bad Web Bot
🇮🇹 VHosting	2026-06-21 21:05:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇵🇱 sefinek.net	2026-06-21 20:13:24 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: BLOCK \| Protocol: HTTP/1.1 (HEAD) \| Endpo ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: BLOCK \| Protocol: HTTP/1.1 (HEAD) \| Endpoint: /.pgpass \| UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 185.98.171.213

🇨🇦 158.69.227.40

🇨🇦 146.190.242.25

🇸🇬 101.47.155.9

🇱🇹 81.30.98.62

🇷🇺 45.144.31.247

🇳🇱 45.142.193.164

🇨🇳 43.248.99.99

🇰🇷 43.133.233.246

🇰🇷 20.194.24.159

🇨🇳 14.103.123.19

🇩🇪 213.209.159.228

🇧🇷 191.240.98.106

🇦🇺 170.64.134.120

🇳🇱 146.190.227.252

🇩🇪 146.0.32.235

🇫🇷 91.231.89.198

🇰🇷 59.22.201.143

🇸🇬 23.111.14.184

🇺🇸 18.214.210.112