JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0e:97c0:3e3:a0e::1

2a0e:97c0:3e3:a0e::1 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 10%: ?

10%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58087
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0e:97c0:3e3:a0e::1

Whois 2a0e:97c0:3e3:a0e::1

IP Abuse Reports for 2a0e:97c0:3e3:a0e::1:

This IP address has been reported a total of 86 times from 15 distinct sources. 2a0e:97c0:3e3:a0e::1 was first reported on June 10th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 01:15:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:15:14.623836 2026] [security2:error] [pid 8039:tid 8039] [client 2a0e:97c0:3e3:a0e::1:57946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.kronrod.com"] [uri "/.git/config"] [unique_id "aitdokTYF7gpTt-9hX6guQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 10:23:03 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 06:22:52.586675 2026] [security2:error] [pid 15375:tid 15375] [client 2a0e:97c0:3e3:a0e::1:40998] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|americanexportimport.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "americanexportimport.com"] [uri "/am.sql"] [unique_id "afxn_N4SwG-V25tW1OvgcgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 14:06:25 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 10:06:16.921342 2026] [security2:error] [pid 32237:tid 32237] [client 2a0e:97c0:3e3:a0e::1:34626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fernfield.com"] [uri "/wp-config.php.backup"] [unique_id "afIQWIMBLrvZX_TO01vjZQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:05:20 (1 month ago)	2026-04-26 08:01:04,071 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:a0e::1 2026- ... show more 2026-04-26 08:01:04,071 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:a0e::1 2026-04-26 12:01:48,389 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:a0e::1 2026-04-26 18:01:45,942 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:a0e::1 2026-04-26 21:01:45,255 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:a0e::1 2026-04-27 00:05:19,578 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:a0e::1 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-22 10:40:14 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 06:40:06.197004 2026] [security2:error] [pid 22524:tid 22524] [client 2a0e:97c0:3e3:a0e::1:60834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "technesa.com"] [uri "/wp-config.php.fr"] [unique_id "aeilhnwV_10oeOr63X30xwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-09 00:50:28 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 20:50:22.921507 2026] [security2:error] [pid 3136382:tid 3136382] [client 2a0e:97c0:3e3:a0e::1:46246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humanicelement.com"] [uri "/wp-config.php.bak"] [unique_id "adb3zvi-JuCOxkrHK6zoTQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 20:36:19 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-23 20:17:04 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 15:16:57.118362 2026] [security2:error] [pid 29088:tid 29088] [client 2a0e:97c0:3e3:a0e::1:54498] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dwightbrown.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dwightbrown.com"] [uri "/archive.sql"] [unique_id "aZy1ueAkNICTimgi7sQC1QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 13:34:27 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 08:34:22.176157 2026] [security2:error] [pid 7007:tid 7007] [client 2a0e:97c0:3e3:a0e::1:53178] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|artspacecleveland.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "artspacecleveland.com"] [uri "/spacecleveland_prod.sql"] [unique_id "aZxXXvlZdpaUSpu09uAYsAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-05 22:59:19 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-04. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-01-31 13:17:31 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 08:17:23.948707 2026] [security2:error] [pid 16642:tid 16642] [client 2a0e:97c0:3e3:a0e::1:44854] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williams-rodriguez.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williams-rodriguez.org"] [uri "/latest.sql"] [unique_id "aX4A42-s_SyUOAaWdFXsuQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 23:45:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 18:45:08.685555 2026] [security2:error] [pid 792587:tid 792587] [client 2a0e:97c0:3e3:a0e::1:47912] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.jsdavison.com"] [uri "/.git/config"] [unique_id "aXarBCDEcgbx8qCcj6H17wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 21:15:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 16:15:29.503401 2026] [security2:error] [pid 757095:tid 757095] [client 2a0e:97c0:3e3:a0e::1:49316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.whitmarshinc.com"] [uri "/.git/config"] [unique_id "aXaH8adfPinRCoKzQKPUoQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-01-17 13:13:24 (5 months ago)	Blocked by UFW (TCP on 8333) Source port: 48526 Packet length: 80 This report (for 2a0e:97c0:03e3:0 ... show more Blocked by UFW (TCP on 8333) Source port: 48526 Packet length: 80 This report (for 2a0e:97c0:03e3:0a0e:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-01-16 16:55:37 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:a0e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 11:55:29.612111 2026] [security2:error] [pid 5653:tid 5653] [client 2a0e:97c0:3e3:a0e::1:45056] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|teleplussolutions.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "teleplussolutions.com"] [uri "/solutions_com.sql"] [unique_id "aWptgVBP1kXNDRpmPk1rpQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 160.119.253.30

🇱🇹 62.60.130.239

🇲🇾 60.53.125.136

🇺🇸 198.46.253.100

🇺🇸 162.216.149.206

🇭🇰 144.48.8.10

🇩🇪 118.193.58.187

🇻🇳 103.98.149.56

🇻🇳 103.60.242.169

🇭🇰 103.56.115.187

🇭🇰 103.52.153.215

🇲🇾 47.250.83.81

🇺🇸 44.243.29.107

🇺🇸 20.127.187.7

🇮🇳 2401:4900:8946:9b5d:85d8:30b:3013:6bf5

🇮🇳 2401:4900:88b4:78d4:a9b1:7d97:89b5:21e

🇹🇷 212.68.36.230

🇺🇸 195.184.76.214

🇺🇸 195.184.76.114

🇧🇷 187.51.212.130