JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 62.210.130.252

62.210.130.252 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 100%: ?

100%

ISP	Scaleway Dedibox
Usage Type	Data Center/Web Hosting/Transit
ASN	AS12876
Domain Name	scaleway.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 62.210.130.252

Whois 62.210.130.252

IP Abuse Reports for 62.210.130.252:

This IP address has been reported a total of 86 times from 58 distinct sources. 62.210.130.252 was first reported on August 28th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 boxed-it	2026-06-29 14:43:41 (1 day ago)	GET /.env (Tarpitted for 1d1h6m34s, wasted 5.17MB)	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-29 05:14:23 (1 day ago)	2 attacks on env grabbing URLs: GET /.env HTTP/1.1	Hacking
🇨🇴 adalbertoreyes.org	2026-06-28 19:42:12 (1 day ago)	CategoryPortScan	Port Scan
🇨🇭 4server	2026-06-28 14:05:01 (2 days ago)	[SunJun2816:04:55.0094532026][security2:error][pid844853:tid844978][client62.210.130.252:0]ModSecuri ... show more [SunJun2816:04:55.0094532026][security2:error][pid844853:tid844978][client62.210.130.252:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"associazione-iris.ch\"][uri\"/.env\"][unique_id\"akEqB2cyCjtja9NhLSSh2gAAAAo\"] show less	Hacking Web App Attack
🇩🇪 ghostwarriors	2026-06-28 13:50:19 (2 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Smish	2026-06-28 13:34:22 (2 days ago)	HONEYPOT HIT --> Fail2ban time=1782653660 log=2026-06-28T14:34:20+01:00 ip=62.210.130.252 host=as210 ... show more HONEYPOT HIT --> Fail2ban time=1782653660 log=2026-06-28T14:34:20+01:00 ip=62.210.130.252 host=as210667.net method=GET uri="/.env" status=404 ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ref="-" rid=9b910da7812c7a7afe0730f90dbdb37e show less	Web App Attack
🇫🇮 as211431.net	2026-06-28 13:34:22 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from FR. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from FR. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (POST method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 pinguin	2026-06-28 13:34:11 (2 days ago)	Triggered Cloudflare WAF (firewallManaged) from FR. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from FR. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇾 armandosaucedo.me	2026-06-28 12:43:32 (2 days ago)	Threat Intelligence via ARMTI, Web Attack: GET /.env	Web App Attack
🇫🇷 Jimbo67	2026-06-28 12:24:59 (2 days ago)	Cloudflare WAF: 1 hits in 30s \| action=block \| abuse=confirmed_abuse \| categories=21 \| rule_id=a8325 ... show more Cloudflare WAF: 1 hits in 30s \| action=block \| abuse=confirmed_abuse \| categories=21 \| rule_id=a8325d956f104d2194269f1386e09ef1 \| URIs=/.env \| confidence=0.95 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 12:19:35 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 62.210.130.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 62.210.130.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:19:30.449385 2026] [security2:error] [pid 31140:tid 31140] [client 62.210.130.252:46120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arlan-associates.com"] [uri "/.env"] [unique_id "akERUouKFvpiEiTHgUn-tgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Selckie	2026-06-28 12:19:03 (2 days ago)	fail2ban: NGINX unusual impact	Web App Attack
🇺🇸 wordpresshosting.solutions	2026-06-28 12:02:58 (2 days ago)	Web app vulnerability scanning detected. Evidence: 62.210.130.252 - - [28/Jun/2026:11:56:10 +0000] " ... show more Web app vulnerability scanning detected. Evidence: 62.210.130.252 - - [28/Jun/2026:11:56:10 +0000] "GET /.env HTTP/1.1" 404 9745 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 62.210.130.252 - - [28/Jun/2026:12:02:57 +0000] "GET /.env HTTP/1.1" 404 5569 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Web App Attack
Anonymous	2026-06-28 11:55:17 (2 days ago)	62.210.130.252 - - [28/Jun/2026:19:55:16 +0800] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; ... show more 62.210.130.252 - - [28/Jun/2026:19:55:16 +0800] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-28 11:33:41 (2 days ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 185.211.94.76

🇭🇰 152.32.168.34

🇸🇪 88.129.165.39

🇺🇸 66.132.172.137

🇸🇬 43.173.176.8

🇸🇬 43.173.173.38

🇲🇾 202.165.29.123

🇮🇩 163.7.11.155

🇩🇴 148.103.9.128

🇵🇰 103.125.177.193

🇳🇱 45.156.87.254

🇺🇸 13.86.104.104

🇺🇸 4.17.226.146

🇪🇸 200.234.227.140

🇩🇪 193.124.20.236

🇧🇷 187.0.238.194

🇦🇪 165.154.12.108

🇮🇳 103.70.40.36

🇳🇬 102.90.123.168

🇺🇸 73.36.177.174