AbuseIPDB » 2a05:b0c7:6cc4::1

2a05:b0c7:6cc4::1 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Pfcloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51396
Domain Name	pfcloud.io
Country	Netherlands
City	Kerkrade, Limburg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 2a05:b0c7:6cc4::1

Whois 2a05:b0c7:6cc4::1

IP Abuse Reports for 2a05:b0c7:6cc4::1:

This IP address has been reported a total of 8 times from 2 distinct sources. 2a05:b0c7:6cc4::1 was first reported on December 4th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
TPI-Abuse	2025-04-15 23:37:38 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (Unknown): 1 in the last 300 ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 15 19:37:23.453603 2025] [security2:error] [pid 14003:tid 14003] [client 2a05:b0c7:6cc4::1:48768] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|carolynedds.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "carolynedds.com"] [uri "/administrator/backups/database.sql"] [unique_id "Z_7tsy274HTAJljWkCmldQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-03-26 22:04:42 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 26 18:04:37.002541 2025] [security2:error] [pid 1391:tid 1515] [client 2a05:b0c7:6cc4::1:65206] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|oilchangelafayette.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "oilchangelafayette.com"] [uri "/database.sql"] [unique_id "Z-R59KtDFtz-UxQqfsbVzgAAAMU"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-03-07 22:40:57 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 07 17:40:47.114942 2025] [security2:error] [pid 1015055:tid 1015055] [client 2a05:b0c7:6cc4::1:19906] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|silalaw.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "silalaw.com"] [uri "/wp-admin/backup.sql"] [unique_id "Z8t171Q-zzSYQVQS8yhVUAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-03-01 20:04:31 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 01 15:04:22.546271 2025] [security2:error] [pid 15412:tid 15412] [client 2a05:b0c7:6cc4::1:4934] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|artisvilla.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "artisvilla.com"] [uri "/mysql.sql"] [unique_id "Z8NoRrDZQs8Qd68Q8qoAjQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-03-01 11:38:11 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 01 06:38:02.394246 2025] [security2:error] [pid 25210:tid 25210] [client 2a05:b0c7:6cc4::1:46990] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|xoticxpressions.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "xoticxpressions.com"] [uri "/wp-content/mysql.sql"] [unique_id "Z8LxmmjgWjuzvU38oRe2aQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-02-27 11:56:49 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 06:56:42.740627 2025] [security2:error] [pid 10958:tid 10958] [client 2a05:b0c7:6cc4::1:16924] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|karenbernsteinlaw.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "karenbernsteinlaw.net"] [uri "/installer-data.sql"] [unique_id "Z8BS-uyUV18re1kxqhCe-AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
sefinek.net	2025-01-14 22:51:49 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: BLOCK ASN: 51396 (PFCLO ... show moreTriggered Cloudflare WAF (firewallCustom) from T1. Action taken: BLOCK ASN: 51396 (PFCLOUD) Protocol: HTTP/2 (GET method) Endpoint: /blocklist-generator/ Timestamp: 2025-01-14T21:42:31Z Ray ID: 9020cbdeeaa3249d UA: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
TPI-Abuse	2024-12-04 22:17:45 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in ... show more(mod_security) mod_security (id:210730) triggered by 2a05:b0c7:6cc4::1 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 17:17:38.453352 2024] [security2:error] [pid 17540:tid 17540] [client 2a05:b0c7:6cc4::1:11562] [client 2a05:b0c7:6cc4::1] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|akistech.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "akistech.com"] [uri "/aki.sql"] [unique_id "Z1DVAjWziB0AgAtY54tsuwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

43.129.218.212

167.94.146.77

91.196.152.190

118.248.167.102

203.30.15.51

88.214.48.16

34.30.179.151

206.189.224.163

175.162.4.12

58.18.90.250

117.158.243.50

120.10.169.12

218.92.0.169

172.245.88.167

107.174.146.26

85.239.33.141

193.32.162.84

125.121.126.153

79.173.88.118

85.239.33.141