JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0e:97c0:3ea:621::1

2a0e:97c0:3ea:621::1 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 76%: ?

76%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203446
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0e:97c0:3ea:621::1

Whois 2a0e:97c0:3ea:621::1

IP Abuse Reports for 2a0e:97c0:3ea:621::1:

This IP address has been reported a total of 34 times from 13 distinct sources. 2a0e:97c0:3ea:621::1 was first reported on June 27th 2026, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-29 22:59:16 (15 hours ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 Vano Ganzzz	2026-06-28 18:15:28 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 203446 (SMARTNET LIMITED ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 203446 (SMARTNET LIMITED) Protocol: HTTP/1.1 (GET method) Endpoint: /config.json Timestamp: 2026-06-28T18:15:28Z Ray ID: a12ead526809ac6b UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109 show less	Bad Web Bot
🇩🇪 BlueWire Hosting	2026-06-28 17:27:57 (1 day ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇫🇷 LRNP	2026-06-28 16:02:17 (1 day ago)	stats.lpoujol.fr:443 2a0e:97c0:3ea:621::1 - - [28/Jun/2026:16:02:17 +0000] "GET /.env HTTP/1.1" 404 ... show more stats.lpoujol.fr:443 2a0e:97c0:3ea:621::1 - - [28/Jun/2026:16:02:17 +0000] "GET /.env HTTP/1.1" 404 2661 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 14:07:52 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:07:47.029494 2026] [security2:error] [pid 9936:tid 9936] [client 2a0e:97c0:3ea:621::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shubil.com"] [uri "/.git/HEAD"] [unique_id "akEqs2gKomVZ2FDlnjU4cQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 13:09:45 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:09:41.757217 2026] [security2:error] [pid 31228:tid 31228] [client 2a0e:97c0:3ea:621::1:52340] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savingspools.savingshvac.com"] [uri "/.git/HEAD"] [unique_id "akEdFfdTe3x1xptMJVbUhgAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 11:42:13 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:42:06.235429 2026] [security2:error] [pid 10890:tid 10890] [client 2a0e:97c0:3ea:621::1:34276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandboxspeech.org.abbysue.com"] [uri "/.git/config"] [unique_id "akEIjmNQVhajkQhx_cAxdgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 11:26:02 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:25:53.615558 2026] [security2:error] [pid 14315:tid 14315] [client 2a0e:97c0:3ea:621::1:39270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "skulldump.blockdredge.com"] [uri "/.env"] [unique_id "akEEwdaEmJKNcwe3nrU2kgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 10:42:27 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:42:18.545030 2026] [security2:error] [pid 8103:tid 8103] [client 2a0e:97c0:3ea:621::1:46148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salesfunnelworkflow.wholesalelivelobsters.com"] [uri "/.git/HEAD"] [unique_id "akD6ivT6zbZIZdDuNPq8MwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇰 HostingGroup	2026-06-28 10:01:23 (2 days ago)	Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shiel ... show more Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shield. Offenses: 1. First blocked: 2026-06-28. show less	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-28 10:00:04 (2 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-28 08:56:19 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:56:13.717018 2026] [security2:error] [pid 23262:tid 23262] [client 2a0e:97c0:3ea:621::1:34512] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sierrafoothillswinemap.georgetownca.com"] [uri "/.git/HEAD"] [unique_id "akDhrSWRleOmcSmn561UJgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 08:24:12 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:24:06.293218 2026] [security2:error] [pid 14495:tid 14495] [client 2a0e:97c0:3ea:621::1:57006] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shadowfree.souldata.com"] [uri "/.git/HEAD"] [unique_id "akDaJiIgRBkl0eL16pT4GwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 08:06:36 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:621::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:06:30.816258 2026] [security2:error] [pid 18931:tid 18931] [client 2a0e:97c0:3ea:621::1:34294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robotsinme.rimaine.org"] [uri "/.git/HEAD"] [unique_id "akDWBlkDQ1mCvinEVmrQ6gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 08:03:20 (2 days ago)	2a0e:97c0:3ea:621::1 - - [28/Jun/2026:08:03:19 +0000] "GET /.env HTTP/1.1" 404 2959 "-" "Mozilla/5.0 ... show more 2a0e:97c0:3ea:621::1 - - [28/Jun/2026:08:03:19 +0000] "GET /.env HTTP/1.1" 404 2959 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" ... show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2001:1c00:3:400:cdfa:212a:de9c:d92f

🇧🇷 200.219.200.16

🇬🇧 165.227.234.27

🇺🇸 157.230.133.16

🇳🇱 91.92.243.207

🇩🇪 164.92.161.148

🇫🇮 147.185.133.49

🇭🇰 118.26.39.231

🇮🇳 103.132.243.250

🇷🇴 80.94.92.55

🇺🇸 65.182.74.176

🇨🇳 59.173.108.205

🇩🇪 51.89.24.175

🇬🇧 35.203.210.154

🇳🇱 195.178.110.155

🇩🇪 185.242.3.111

🇻🇳 157.10.45.70

🇸🇬 103.189.235.182

🇫🇷 51.178.251.89

🇭🇰 45.120.216.232