JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0e:97c0:3ea:6f0::1

2a0e:97c0:3ea:6f0::1 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 88%: ?

88%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Datalix
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203446
Domain Name	datalix.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0e:97c0:3ea:6f0::1

Whois 2a0e:97c0:3ea:6f0::1

IP Abuse Reports for 2a0e:97c0:3ea:6f0::1:

This IP address has been reported a total of 32 times from 20 distinct sources. 2a0e:97c0:3ea:6f0::1 was first reported on June 6th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Aetherweb Ark	2026-06-08 16:57:23 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): N in the last X secs show less	Web App Attack
🇳🇱 Site.eu	2026-06-08 16:05:20 (1 week ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-08 12:21:49 (1 week ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇫🇮 YF	2026-06-08 08:00:46 (1 week ago)	WordPress content enumeration	Web App Attack
🇩🇪 macrob	2026-06-08 07:27:49 (1 week ago)	2026/06/08 07:27:47 [error] 1452899#1452899: 289099285 access forbidden by rule, client: 2a0e:97c0: ... show more 2026/06/08 07:27:47 [error] 1452899#1452899: 289099285 access forbidden by rule, client: 2a0e:97c0:3ea:6f0::1, server: bin.partners, request: "GET /.git/HEAD HTTP/2.0", host: "bin.partners" 2026/06/08 07:27:47 [error] 1452899#1452899: 289099285 access forbidden by rule, client: 2a0e:97c0:3ea:6f0::1, server: bin.partners, request: "GET /.env HTTP/2.0", host: "bin.partners" 2026/06/08 07:27:48 [error] 1452899#1452899: 289099285 access forbidden by rule, client: 2a0e:97c0:3ea:6f0::1, server: bin.partners, request: "GET /.env.local HTTP/2.0", host: "bin.partners" ... show less	Web App Attack
🇳🇱 e.fierstra	2026-06-08 06:51:26 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-06-08 06:43:53 (1 week ago)	2026/06/08 07:43:50 [error] 1929836#1929836: 213971 access forbidden by rule, client: 2a0e:97c0:3ea ... show more 2026/06/08 07:43:50 [error] 1929836#1929836: 213971 access forbidden by rule, client: 2a0e:97c0:3ea:6f0::1, server: simetria.org, request: "GET /.env HTTP/2.0", host: "blog.simetria.org" 2a0e:97c0:3ea:6f0::1 - - [08/Jun/2026:07:43:50 +0100] "GET /.env HTTP/2.0" 403 1045 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" 2026/06/08 07:43:51 [error] 1929836#1929836: *213982 access forbidden by rule, client: 2a0e:97c0:3ea:6f0::1, server: simetria.org, request: "GET /backend/.env HTTP/2.0", host: "blog.simetria.org" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:17:26 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:17:19.009901 2026] [security2:error] [pid 1331:tid 1331] [client 2a0e:97c0:3ea:6f0::1:57188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bgraph.com"] [uri "/.env"] [unique_id "aiZeb9ZNfQYmhi1nk2nilAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 04:37:03 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:36:57.189737 2026] [security2:error] [pid 4610:tid 4610] [client 2a0e:97c0:3ea:6f0::1:41164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bluebirds.bickleton.org"] [uri "/api/.env"] [unique_id "aiZG6YgWWQGiQf75mAkGgAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hans Wurst	2026-06-07 22:47:22 (1 week ago)	Many 404-Error: Suspicion of URL-Fuzzing/Bot-Scan.	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-07 21:59:34 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06. show less	Web App Attack SSH Hacking
🇵🇱 sefinek.net	2026-06-07 19:21:49 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /env \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-07 19:19:27 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3ea:6f0::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:19:15.442382 2026] [security2:error] [pid 9961:tid 9961] [client 2a0e:97c0:3ea:6f0::1:46180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "worshipconcert.com"] [uri "/.git/config"] [unique_id "aiXEM3bOEXsdnBSi52XWWQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 René Hickersberger	2026-06-07 19:02:16 (1 week ago)	[2026-06-07T19:02:16Z] Malicious request to /.git/HEAD	Hacking Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-07 18:38:06 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.187.80

🇺🇸 192.210.132.197

🇮🇳 182.70.255.242

🇺🇸 172.86.114.38

🇸🇬 128.199.225.7

🇩🇪 128.14.225.164

🇨🇳 106.117.111.45

🇫🇷 91.231.89.136

🇳🇱 45.74.59.2

🇯🇵 34.146.210.249

🇺🇸 2607:f8b0:4001:c0f::124

🇮🇳 2402:3a80:f4d:d0b9:81f6:ddc:6bee:3a55

🇺🇸 205.210.31.103

🇸🇬 165.154.200.48

🇭🇰 156.245.246.50

🇭🇰 128.1.131.218

🇨🇳 125.91.33.72

🇨🇳 116.168.75.106

🇹🇷 85.96.189.27

🇷🇴 80.94.92.177