JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:96e0:0:545:1::4c7

2a01:96e0:0:545:1::4c7 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 23%: ?

23%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Korbank S. A.
Usage Type	Fixed Line ISP
ASN	AS35179
Domain Name	korbank.pl
Country	🇵🇱 Poland
City	Wroclaw, Lower Silesia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:96e0:0:545:1::4c7

Whois 2a01:96e0:0:545:1::4c7

IP Abuse Reports for 2a01:96e0:0:545:1::4c7:

This IP address has been reported a total of 5 times from 3 distinct sources. 2a01:96e0:0:545:1::4c7 was first reported on June 15th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-15 22:30:13 (2 days ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 12:49:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:96e0:0:545:1::4c7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:96e0:0:545:1::4c7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:49:14.284023 2026] [security2:error] [pid 19825:tid 19825] [client 2a01:96e0:0:545:1::4c7:34624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "programsforwedding.com"] [uri "/.env"] [unique_id "ai_0ys5K7CcN9FzM2ZC5QgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 12:34:09 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:96e0:0:545:1::4c7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:96e0:0:545:1::4c7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:34:01.693308 2026] [security2:error] [pid 16154:tid 16154] [client 2a01:96e0:0:545:1::4c7:48482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tsaifd.org"] [uri "/api/.env"] [unique_id "ai_xOdA3IxzCGVu68pBfVwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 macrob	2026-06-15 11:54:10 (2 days ago)	2026/06/15 11:54:08 [error] 2547564#2547564: 307196204 access forbidden by rule, client: 2a01:96e0: ... show more 2026/06/15 11:54:08 [error] 2547564#2547564: 307196204 access forbidden by rule, client: 2a01:96e0:0:545:1::4c7, server: finami.es, request: "GET /api/.env HTTP/2.0", host: "finami.es", referrer: "http://finami.es/api/.env" 2026/06/15 11:54:08 [error] 2547564#2547564: 307196205 access forbidden by rule, client: 2a01:96e0:0:545:1::4c7, server: finami.es, request: "GET /app/.env HTTP/2.0", host: "finami.es", referrer: "http://finami.es/app/.env" 2026/06/15 11:54:08 [error] 2547564#2547564: 307196206 access forbidden by rule, client: 2a01:96e0:0:545:1::4c7, server: finami.es, request: "GET /.env HTTP/2.0", host: "finami.es", referrer: "http://finami.es/.env" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:29:26 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:96e0:0:545:1::4c7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 2a01:96e0:0:545:1::4c7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:29:18.985096 2026] [security2:error] [pid 23235:tid 23235] [client 2a01:96e0:0:545:1::4c7:33654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drgweich.com"] [uri "/api/.env"] [unique_id "ai_iDk6dpm-N80x-03GHiQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 157.66.80.97

🇲🇾 202.165.29.123

🇨🇳 171.43.134.254

🇸🇬 156.146.56.131

🇮🇳 122.187.229.220

🇨🇳 119.123.31.23

🇲🇦 105.154.92.225

🇷🇺 95.215.108.47

🇺🇸 91.230.168.17

🇳🇱 91.92.40.5

🇳🇱 87.121.79.250

🇦🇷 45.178.70.3

🇭🇰 8.218.43.108

🇨🇳 122.51.196.162

🇳🇱 81.19.216.107

🇨🇳 42.231.93.232

🇺🇸 8.229.76.116

🇨🇳 218.23.95.9

🇬🇾 181.41.71.81

🇨🇳 123.245.85.201