JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 51.68.46.249

51.68.46.249 was found in our database!

This IP was reported 1,104 times. Confidence of Abuse is 0%: ?

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	249.ip-51-68-46.eu
Domain Name	ovh.net
Country	🇫🇷 France
City	Dunkerque, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 51.68.46.249

Whois 51.68.46.249

IP Abuse Reports for 51.68.46.249:

This IP address has been reported a total of 1,104 times from 294 distinct sources. 51.68.46.249 was first reported on February 24th 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 gnom4ik	2026-02-21 00:04:20 (3 months ago)	ban-reviewer auto report; ip=51.68.46.249; scenario=http:scan; verdict=valid_ban; confidence=0.85; c ... show more ban-reviewer auto report; ip=51.68.46.249; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14,15,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for HTTP scanning activity (scenario: http:scan); AbuseIPDB category 14 (Port Scan) is applicable; AbuseIPDB category 15 (Hacking) is applicable; AbuseIPDB category 22 (SSH) is applicable show less	Port Scan Hacking SSH
🇳🇱 homeshowdomain.nl	2025-11-29 23:03:28 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-28. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-28 23:47:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 18:46:53.646789 2025] [security2:error] [pid 13147:tid 13147] [client 51.68.46.249:42516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alejandrogorsse.com"] [uri "/wp-config.php"] [unique_id "aSo0bXJESEJFLw1bllBitgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 1gz	2025-11-28 23:23:05 (6 months ago)	Triggered Cloudflare WAF (firewallManaged) from FR. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from FR. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /wp-config.php UA: python-requests/2.25.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 SCHAPPY	2025-11-28 22:35:11 (6 months ago)	Critical web app attack detected. Restricted File Access Attempt	Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 22:24:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 17:24:08.076686 2025] [security2:error] [pid 11105:tid 11105] [client 51.68.46.249:40854] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "akmanoto.com"] [uri "/wp-config.php"] [unique_id "aSohCIApoQ7TLAWPUFLaTQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2025-11-28 17:15:41 (6 months ago)	(wp_config_access) srv101 Access wp-config.php 51.68.46.249 (FR/France/249.ip-51-68-46.eu): 1 in the ... show more (wp_config_access) srv101 Access wp-config.php 51.68.46.249 (FR/France/249.ip-51-68-46.eu): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇫🇷 Thaliruth	2025-11-28 17:09:15 (6 months ago)	51.68.46.249 - - [28/Nov/2025:18:09:14 +0100] "GET /wp-config.php HTTP/1.1" 403 264 "-" "python-requ ... show more 51.68.46.249 - - [28/Nov/2025:18:09:14 +0100] "GET /wp-config.php HTTP/1.1" 403 264 "-" "python-requests/2.25.1" ... show less	Brute-Force Web App Attack
🇳🇿 Tripwire	2025-11-28 16:59:37 (6 months ago)	Scanning for exploits - /wp-config.php	Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 15:19:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 10:19:38.244780 2025] [security2:error] [pid 29191:tid 29191] [client 51.68.46.249:34816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmotorsports.com"] [uri "/wp-config.php"] [unique_id "aSm9iiGhpJA0kZFH0D5xQQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 14:42:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 09:42:49.119237 2025] [security2:error] [pid 18258:tid 18258] [client 51.68.46.249:48404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adorningmetal.com"] [uri "/wp-config.php"] [unique_id "aSm06UrIgPCXrpjImnFpwQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:50:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:50:08.478138 2025] [security2:error] [pid 21201:tid 21201] [client 51.68.46.249:46344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adelaidapacific.com"] [uri "/wp-config.php"] [unique_id "aSmokPaSK2ncyxRNU3RknwAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2025-11-28 05:55:17 (6 months ago)	GET /wp-config.php HTTP/1.1	Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 02:13:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 51.68.46.249 (249.ip-51-68-46.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 21:13:25.287759 2025] [security2:error] [pid 12055:tid 12055] [client 51.68.46.249:58884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acmedistributingllc.com"] [uri "/wp-config.php"] [unique_id "aSkFReg2YfAadQHTnKBDTAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 loadsoporte	2025-11-28 01:55:16 (6 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force

Showing 1 to 15 of 1104 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 101.36.111.119

🇺🇸 70.40.220.123

🇩🇪 69.5.169.97

🇺🇸 68.183.147.16

🇬🇧 35.203.210.21

🇩🇪 2.26.51.140

🇬🇧 185.247.137.227

🇧🇷 162.241.2.204

🇺🇸 147.185.132.125

🇺🇸 137.184.13.100

🇺🇸 136.112.53.39

🇭🇰 119.28.214.145

🇧🇩 103.171.69.101

🇲🇦 102.100.122.174

🇺🇸 52.167.144.160

🇧🇷 45.205.1.240

🇳🇱 45.142.193.53

🇺🇸 3.146.65.139

🇧🇷 2804:14d:2a73:408e:c57:6617:e13a:de89

🇮🇶 212.237.119.97