JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2001:448a:a071:df9:68f2:67ce:2b82:cfa7

2001:448a:a071:df9:68f2:67ce:2b82:cfa7 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	PT Telekomunikasi Indonesia
Usage Type	Fixed Line ISP
ASN	AS7713
Domain Name	telkom.co.id
Country	🇮🇩 Indonesia
City	Warungpeuteuy, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2001:448a:a071:df9:68f2:67ce:2b82:cfa7

Whois 2001:448a:a071:df9:68f2:67ce:2b82:cfa7

IP Abuse Reports for 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:

This IP address has been reported a total of 53 times from 25 distinct sources. 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 was first reported on June 22nd 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 12:34:28 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:34:22.486223 2026] [security2:error] [pid 3445:tid 3445] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:57597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dodgersboosterclub.com"] [uri "/.env/.env.bak"] [unique_id "aj5xzhpu6NhqEzLx4uzKagAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Coco Bongo	2026-06-26 11:41:52 (2 hours ago)	2001:448a:a071:df9:68f2:67ce:2b82:cfa7 [redacted].[redacted] (7713-PT Telekomunikasi Indonesia Indon ... show more 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 [redacted].[redacted] (7713-PT Telekomunikasi Indonesia Indonesia Tasikmalaya) - - [26/Jun/2026:13:41:37 +0200] "GET /phpinfo.php HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Wi ... show less	Bad Web Bot Web App Attack
🇩🇪 fleckenbase	2026-06-26 11:01:15 (2 hours ago)	apache-noscript ...	Brute-Force Web App Attack
🇩🇪 maxpower	2026-06-26 09:29:10 (4 hours ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 ( ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (ID/Indonesia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 - - [26/Jun/2026:11:29:06 +0200] "GET /.aws/credentials HTTP/1.1" 301 295 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=dmarc.spacehosting.ovh 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 - - [26/Jun/2026:11:29:06 +0200] "GET /.aws/credentials HTTP/1.1" 200 3164 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=dmarc.spacehosting.ovh show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-26 08:52:35 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:52:31.346837 2026] [security2:error] [pid 2856:tid 2856] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:51443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drxcontent.com"] [uri "/.env/.env.bak"] [unique_id "aj49zwpGnVnZonyP6hkPNwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-26 05:16:10 (8 hours ago)	6 attacks on password grabbing URLs, PHP URLs, env grabbing URLs: GET /.aws/credentials HTTP/1.1 GET ... show more 6 attacks on password grabbing URLs, PHP URLs, env grabbing URLs: GET /.aws/credentials HTTP/1.1 GET /index.php HTTP/1.1 GET /.env/.env.bak HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-26 05:10:47 (8 hours ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇩🇪 maxpower	2026-06-26 04:14:42 (9 hours ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 ( ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (ID/Indonesia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 - - [26/Jun/2026:06:14:40 +0200] "GET /.aws/credentials HTTP/1.1" 301 293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=dimensioneautosgt.it 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 - - [26/Jun/2026:06:14:40 +0200] "GET /.aws/credentials HTTP/1.1" 404 355 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=dimensioneautosgt.it show less	Port Scan
🇩🇪 AetherFox	2026-06-26 03:44:15 (10 hours ago)	AetherFox VoidGuard detected: [Fri Jun 26 03:44:14.561618 2026] [authz_core:error] [pid 2311655:tid ... show more AetherFox VoidGuard detected: [Fri Jun 26 03:44:14.561618 2026] [authz_core:error] [pid 2311655:tid 2311673] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:64811] AH01630: client denied by server configuration: proxy:http://[MASKED]/ [Fri Jun 26 03:44:14.561819 2026] [authz_core:error] [pid 2311655:tid 2311673] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:64811] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Fri Jun 26 03:44:14.982559 2026] [authz_core:error] [pid 2311655:tid 2311671] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:65390] AH01630: client denied by server configuration: proxy:http://[MASKED]/phpinfo.php [Fri Jun 26 03:44:14.982717 2026] [authz_core:error] [pid 2311655:tid 2311671] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:65390] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Fri Jun 26 03:44:15.388708 2026] [authz_core:error] [pid 2311655:tid 2311698] [client 2001:448 ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 01:37:00 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:36:51.908409 2026] [security2:error] [pid 5013:tid 5013] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:50022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dictionaryoffish.com"] [uri "/.env/.env.bak"] [unique_id "aj3Xs_zCxiG3QmKxtnaA1QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Skyrider	2026-06-26 01:35:39 (12 hours ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-26 01:22:02 (12 hours ago)	Restricted File Access Attempt. Matched phrase "phpinfo.php" at REQUEST_FILENAME. (930130-stl2-14)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 00:36:27 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 20:36:21.039909 2026] [security2:error] [pid 21946:tid 21946] [client 2001:448a:a071:df9:68f2:67ce:2b82:cfa7:49573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "donnysimonton.com"] [uri "/.env/.env.bak"] [unique_id "aj3JhUk4QYW1ACXSz7_lngAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-25 23:41:55 (14 hours ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 ( ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 (ID/Indonesia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 - - [26/Jun/2026:01:41:48 +0200] "GET /.aws/credentials HTTP/1.1" 301 283 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=domasgt.it 2001:448a:a071:df9:68f2:67ce:2b82:cfa7 - - [26/Jun/2026:01:41:49 +0200] "GET /.aws/credentials HTTP/1.1" 404 355 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=domasgt.it show less	Port Scan
🇬🇧 pinguin	2026-06-25 23:30:20 (14 hours ago)	Triggered Cloudflare WAF (firewallManaged) from ID. Action taken: LOG Protocol: HTTP/1.1 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from ID. Action taken: LOG Protocol: HTTP/1.1 (GET method) Endpoint: /index.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 173.239.214.248

🇫🇮 147.185.133.184

🇫🇷 91.196.152.199

🇬🇧 193.163.125.82

🇺🇸 162.216.149.54

🇺🇸 162.216.149.29

🇧🇬 91.191.209.98

🇺🇸 66.132.172.117

🇰🇷 1.212.225.99

🇨🇳 221.228.10.226

🇧🇷 187.107.8.1

🇧🇬 91.148.190.150

🇫🇷 62.210.125.62

🇰🇷 59.24.133.197

🇵🇱 57.128.225.99

🇸🇬 47.84.105.165

🇮🇩 43.245.249.251

🇸🇬 43.173.178.190

🇳🇱 195.178.110.228

🇧🇷 187.16.107.162