JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:1700:3:34::1

2a06:1700:3:34::1 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 25%: ?

25%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Flokinet Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200651
Domain Name	flokinet.is
Country	🇳🇱 Netherlands
City	Zwolle, Overijssel

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:1700:3:34::1

Whois 2a06:1700:3:34::1

IP Abuse Reports for 2a06:1700:3:34::1:

This IP address has been reported a total of 95 times from 12 distinct sources. 2a06:1700:3:34::1 was first reported on March 28th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Savvii	2026-06-10 08:39:00 (2 days ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 17:30:00 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 13:29:49.687630 2026] [security2:error] [pid 12955:tid 12955] [client 2a06:1700:3:34::1:39546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.killeramps.com"] [uri "/.git/config"] [unique_id "aiMHjfx_VdjAgjtorz3E8wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:53:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:53:20.742779 2026] [security2:error] [pid 10236:tid 10236] [client 2a06:1700:3:34::1:50812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.airtechconsulting.com"] [uri "/.git/config"] [unique_id "aiK4sBZDKXAVNdvnIrF8xwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-26 06:15:18 (2 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 54722 Packet length: 80 This report (for 2a06:1700:0003:0 ... show more Blocked by UFW (TCP on 8333) Source port: 54722 Packet length: 80 This report (for 2a06:1700:0003:0034:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:04:05 (1 month ago)	2026-04-26 08:00:49,252 fail2ban.actions [7718]: NOTICE [tor] Ban 2a06:1700:3:34::1 2026-04- ... show more 2026-04-26 08:00:49,252 fail2ban.actions [7718]: NOTICE [tor] Ban 2a06:1700:3:34::1 2026-04-26 12:01:39,036 fail2ban.actions [7718]: NOTICE [tor] Ban 2a06:1700:3:34::1 2026-04-26 18:01:36,678 fail2ban.actions [7718]: NOTICE [tor] Ban 2a06:1700:3:34::1 2026-04-26 21:01:34,219 fail2ban.actions [7718]: NOTICE [tor] Ban 2a06:1700:3:34::1 2026-04-27 00:04:04,609 fail2ban.actions [7718]: NOTICE [tor] Ban 2a06:1700:3:34::1 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-25 16:35:27 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 12:35:17.311373 2026] [security2:error] [pid 11965:tid 11965] [client 2a06:1700:3:34::1:47408] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kh6jim.com"] [uri "/wp-config.php.us"] [unique_id "aeztRUQIiyvdgM1OqPNgIAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-30 16:52:00 (2 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 20:59:04 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-25 11:56:06 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 06:55:57.849333 2026] [security2:error] [pid 7192:tid 7192] [client 2a06:1700:3:34::1:56946] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thesalonx.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thesalonx.com"] [uri "/esalonx_db.sql"] [unique_id "aZ7jTQ9tqchXh3p4pWNubAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 13:12:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 08:12:46.501700 2026] [security2:error] [pid 15028:tid 15028] [client 2a06:1700:3:34::1:46138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.dansplans.com"] [uri "/.git/config"] [unique_id "aZ2jzqvsSgXPVLCZe89U2gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-04 22:59:10 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-03. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-01-26 00:35:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 19:35:05.447534 2026] [security2:error] [pid 28976:tid 28976] [client 2a06:1700:3:34::1:45706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.worthhomes4rent.com"] [uri "/.git/config"] [unique_id "aXa2uXLBeVZpbOHGjKm85gAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-06 23:36:16 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 06 18:36:04.990599 2026] [security2:error] [pid 8611:tid 8611] [client 2a06:1700:3:34::1:53238] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|landrdurables.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "landrdurables.com"] [uri "/bck.sql"] [unique_id "aV2cZH0pDp27owGVxbbeRQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-03 09:30:28 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 03 04:30:21.885401 2026] [security2:error] [pid 16996:tid 16996] [client 2a06:1700:3:34::1:43178] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lasertherapyoc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lasertherapyoc.com"] [uri "/latest.sql"] [unique_id "aVjhrWFzQmP6kL-xcOgYvQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 02:31:16 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a06:1700:3:34::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 21:31:09.166981 2025] [security2:error] [pid 12996:tid 13066] [client 2a06:1700:3:34::1:46060] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|greaternorthmiamihistory.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greaternorthmiamihistory.org"] [uri "/greatern.sql"] [unique_id "aVM5bWtO0w6z5P0XPJuAxwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 178.32.30.56

🇨🇳 106.227.75.197

🇧🇩 103.169.209.163

🇿🇦 102.131.21.11

🇺🇸 76.108.151.118

🇺🇸 66.132.186.236

🇫🇮 45.130.127.173

🇮🇳 27.109.11.34

🇨🇳 202.46.62.100

🇹🇼 198.235.24.72

🇷🇺 193.233.48.169

🇲🇽 187.191.48.22

🇨🇳 171.217.70.151

🇹🇭 171.100.113.22

🇺🇸 165.154.172.239

🇮🇳 103.225.206.14

🇺🇸 98.156.55.218

🇺🇸 47.251.42.17

🇳🇱 45.148.10.152

🇧🇷 187.45.95.66