JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a12:bec4:1460:1af::2

2a12:bec4:1460:1af::2 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	QWINS Hosting
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213702
Domain Name	qwins.co
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a12:bec4:1460:1af::2

Whois 2a12:bec4:1460:1af::2

IP Abuse Reports for 2a12:bec4:1460:1af::2:

This IP address has been reported a total of 9 times from 6 distinct sources. 2a12:bec4:1460:1af::2 was first reported on December 28th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇬 nsivkov	2026-02-21 18:32:00 (3 months ago)		Brute-Force Web App Attack Hacking SQL Injection
🇩🇪 BlueWire Hosting	2026-01-15 12:10:14 (5 months ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-15 10:59:32 (5 months ago)	(mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 05:59:27.453921 2026] [security2:error] [pid 5624:tid 5624] [client 2a12:bec4:1460:1af::2:46586] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:s. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|mightyhoop.com\|F\|2"] [data "test')unionselectuser_pass,2,3,4,5fromwp_users--x"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mightyhoop.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aWjIjz-NxrHVf3hj8dMwqwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 03:30:31 (5 months ago)	(mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 22:30:25.082106 2026] [security2:error] [pid 4679:tid 4679] [client 2a12:bec4:1460:1af::2:43600] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.\\\\\\\\/)?select)" at ARGS:s. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5671"] [id "220150"] [rev "4"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|sharawi-gum.com\|F\|2"] [data "test')unionselectuser_pass,2,3,4,5fromwp_users--x"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sharawi-gum.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aWhfURovhGC2L7dpUXsEsQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 14:10:13 (5 months ago)	(mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 09:10:06.449869 2026] [security2:error] [pid 10212:tid 10212] [client 2a12:bec4:1460:1af::2:49392] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:s. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|xcarsubscription.com\|F\|2"] [data "test')unionselectuser_pass,2,3,4,5fromwp_users--x"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "xcarsubscription.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aWejvkYfGydfacEcgdfzgAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 10:02:56 (5 months ago)	(mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:220150) triggered by 2a12:bec4:1460:1af::2 (Unknown): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 05:02:48.929286 2026] [security2:error] [pid 20408:tid 20408] [client 2a12:bec4:1460:1af::2:33400] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.{0,399}\\\\*\\\\/)?select)" at ARGS:s. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|vintageamptubes.com\|F\|2"] [data "test')unionselectuser_pass,2,3,4,5fromwp_users--x"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vintageamptubes.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aWdpyFfMgtzHBGqjjpMvcgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-01-05 19:05:57 (5 months ago)	3.776 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇬🇧 venus.launch.bz	2025-12-28 01:20:46 (5 months ago)	(gohttpua) Bad UA Go-http-client from 2a12:bec4:1460:1af::2 (Unknown)	Hacking
Anonymous	2025-12-28 00:40:51 (5 months ago)	$f2bV_matches	Brute-Force

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.242.169.4

🇫🇮 94.183.234.128

🇫🇷 85.204.70.88

🇨🇳 49.232.105.217

🇦🇷 181.23.91.226

🇮🇳 106.201.92.117

🇺🇸 20.12.213.50

🇺🇸 173.244.60.241

🇺🇸 165.154.162.19

🇷🇴 80.94.92.167

🇬🇧 51.195.244.139

🇺🇸 47.251.51.133

🇧🇷 45.205.1.196

🇸🇬 194.5.82.83

🇺🇸 165.154.206.210

🇲🇴 125.31.4.70

🇰🇿 92.47.46.174

🇳🇱 45.148.10.141

🇸🇬 167.99.66.42

🇺🇸 136.117.153.7