JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0e:97c0:3e3:b6::1

2a0e:97c0:3e3:b6::1 was found in our database!

This IP was reported 103 times. Confidence of Abuse is 27%: ?

27%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58087
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0e:97c0:3e3:b6::1

Whois 2a0e:97c0:3e3:b6::1

IP Abuse Reports for 2a0e:97c0:3e3:b6::1:

This IP address has been reported a total of 103 times from 13 distinct sources. 2a0e:97c0:3e3:b6::1 was first reported on February 26th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Savvii	2026-06-10 08:19:39 (1 day ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-06 21:50:32 (4 days ago)	Blocked by UFW (TCP on 8333) Source port: 44182 Packet length: 80 This report (for 2a0e:97c0:03e3:0 ... show more Blocked by UFW (TCP on 8333) Source port: 44182 Packet length: 80 This report (for 2a0e:97c0:03e3:00b6:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-06-06 07:44:19 (5 days ago)	Blocked by UFW (TCP on 8333) Source port: 35694 Packet length: 80 This report (for 2a0e:97c0:03e3:0 ... show more Blocked by UFW (TCP on 8333) Source port: 35694 Packet length: 80 This report (for 2a0e:97c0:03e3:00b6:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-05 14:03:48 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 10:03:36.949665 2026] [security2:error] [pid 307:tid 307] [client 2a0e:97c0:3e3:b6::1:36790] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.razeemco.com"] [uri "/.git/config"] [unique_id "aiLXOP04fucmBrIUT6BokwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:05:18 (1 month ago)	2026-04-26 08:01:03,384 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:b6::1 2026-0 ... show more 2026-04-26 08:01:03,384 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:b6::1 2026-04-26 12:01:47,953 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:b6::1 2026-04-26 18:01:45,503 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:b6::1 2026-04-26 21:01:44,805 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:b6::1 2026-04-27 00:05:14,814 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0e:97c0:3e3:b6::1 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 12:48:11 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 08:48:02.541555 2026] [security2:error] [pid 31806:tid 31806] [client 2a0e:97c0:3e3:b6::1:45024] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kavahawaii.com"] [uri "/wp-config.php_"] [unique_id "ae4JgsIDg94WjiAertmC5gAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-21 13:42:59 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 39904 Packet length: 80 This report (for 2a0e:97c0:03e3:0 ... show more Blocked by UFW (TCP on 8333) Source port: 39904 Packet length: 80 This report (for 2a0e:97c0:03e3:00b6:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇹 VHosting	2026-03-26 20:34:00 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-09 04:13:30 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:13:23.744552 2026] [security2:error] [pid 27156:tid 27156] [client 2a0e:97c0:3e3:b6::1:38162] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|geckoturner.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/geckoturner_prod.sql"] [unique_id "aa5I4756yN0K5_XaKhefTAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-09 01:40:45 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:40:38.853628 2026] [security2:error] [pid 21993:tid 21993] [client 2a0e:97c0:3e3:b6::1:42410] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mobileonlinecasinos.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/reserve.sql"] [unique_id "aa4lFmbU61q4LolD0xL21QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 13:27:49 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 08:27:37.901224 2026] [security2:error] [pid 17291:tid 17291] [client 2a0e:97c0:3e3:b6::1:58988] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aboutagingparents.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aboutagingparents.com"] [uri "/ngparents_db.sql"] [unique_id "aamEyYtjFx154llnmIMZZgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-02-27 12:43:00 (3 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 Sylvyon	2026-02-24 09:15:28 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: BLOCK \| Protocol: HTTP/2 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Android 10; Mobile; rv:140.0) Gecko/140.0 Firefox/140.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-23 07:14:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 02:14:36.899739 2026] [security2:error] [pid 22240:tid 22240] [client 2a0e:97c0:3e3:b6::1:60746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.globalsecurity360.com"] [uri "/.git/config"] [unique_id "aZv-XNTG-qY9Xk-6XNyq_AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-02 22:59:50 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-01. show less	Hacking Web App Attack SSH

Showing 1 to 15 of 103 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.248

🇫🇷 81.31.13.214

🇨🇳 14.103.145.231

🇩🇪 213.209.159.228

🇧🇷 189.8.120.58

🇺🇸 140.235.168.153

🇳🇱 45.92.1.134

🇩🇪 213.209.159.56

🇧🇷 177.85.61.134

🇬🇧 165.232.111.136

🇺🇸 162.216.149.201

🇮🇳 122.187.126.128

🇨🇳 117.72.125.34

🇷🇺 109.63.176.65

🇮🇩 103.146.202.144

🇻🇳 103.118.28.17

🇹🇷 91.151.88.168

🇳🇱 86.54.31.34

🇺🇸 66.132.186.228

🇬🇧 35.203.211.21