JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:20e::1

2a06:a880:5:20e::1 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 97%: ?

97%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:20e::1

Whois 2a06:a880:5:20e::1

IP Abuse Reports for 2a06:a880:5:20e::1:

This IP address has been reported a total of 38 times from 16 distinct sources. 2a06:a880:5:20e::1 was first reported on June 18th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 el-brujo	2026-06-19 05:34:09 (3 hours ago)	Cloudflare WAF: Request Path: /backend/.env Request Query: Host: api.elhacker.net userAgent: Mozill ... show more Cloudflare WAF: Request Path: /backend/.env Request Query: Host: api.elhacker.net userAgent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected] Action: block Source: firewallManaged ASN Description: M247 Europe SRL Country: NL Method: GET Timestamp: 2026-06-19T05:34:09Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-06-19 04:22:02 (5 hours ago)	Cloudflare WAF: Request Path: /public/.env Request Query: Host: www.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /public/.env Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected] Action: block Source: firewallManaged ASN Description: M247 Europe SRL Country: NL Method: GET Timestamp: 2026-06-19T04:22:02Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 conseilgouz	2026-06-19 03:52:09 (5 hours ago)	ece-17 : Block hidden directories=>/.aws/credentials(/)	Hacking
🇺🇸 TPI-Abuse	2026-06-19 03:27:47 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 23:27:42.693821 2026] [security2:error] [pid 32202:tid 32202] [client 2a06:a880:5:20e::1:41714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dwipapuri-abadi.com"] [uri "/api/.env"] [unique_id "ajS3LlP_cXK0w_m_uCVPUAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 03:06:15 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 23:06:09.901120 2026] [security2:error] [pid 12042:tid 12042] [client 2a06:a880:5:20e::1:39004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.drgas.com"] [uri "/.env"] [unique_id "ajSyIe68cc737uXiIdxWowAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 02:38:09 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 22:38:00.457794 2026] [security2:error] [pid 24914:tid 24914] [client 2a06:a880:5:20e::1:32872] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.doctorc.net"] [uri "/.env.example"] [unique_id "ajSriK3KLRbydVxhhNcIRgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Roderic	2026-06-19 01:45:44 (7 hours ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted])	Bad Web Bot
🇪🇸 alferez	2026-06-19 00:31:17 (8 hours ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 00:04:30 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 20:04:25.313968 2026] [security2:error] [pid 6548:tid 6548] [client 2a06:a880:5:20e::1:59720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cornerstonecharitablescholarshiptrust.org"] [uri "/.env.example"] [unique_id "ajSHiXnDvBjY1xmsSq91JQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-19 00:03:13 (9 hours ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-18 23:46:41 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 19:46:36.689394 2026] [security2:error] [pid 25545:tid 25547] [client 2a06:a880:5:20e::1:60580] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "conceptsinammunition.com"] [uri "/.env"] [unique_id "ajSDXC3TWk1DY7VFfNxaBgAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 22:57:37 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:57:30.505827 2026] [security2:error] [pid 24154:tid 24154] [client 2a06:a880:5:20e::1:45846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.claireashton.com"] [uri "/.env.production"] [unique_id "ajR32nHG8hMM9an-U2V4QwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 22:38:52 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:38:47.281519 2026] [security2:error] [pid 900:tid 900] [client 2a06:a880:5:20e::1:59036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.chrisbilder.com"] [uri "/.env.production"] [unique_id "ajRzd7EgwMEncX-B6XOd9QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 22:09:30 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:09:25.119416 2026] [security2:error] [pid 12969:tid 12969] [client 2a06:a880:5:20e::1:35052] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cgautomatizacion.com"] [uri "/.env.example"] [unique_id "ajRslbhcTRU_OurBnjtwsgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 21:25:25 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:20e::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:25:20.980510 2026] [security2:error] [pid 341:tid 341] [client 2a06:a880:5:20e::1:52772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.carminestogo.com"] [uri "/.env"] [unique_id "ajRiQK-fusPDPAdnXw2fCAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 194.5.82.127

🇩🇪 193.124.20.234

🇫🇮 147.185.133.160

🇭🇰 139.198.113.29

🇺🇸 104.243.35.104

🇬🇧 90.199.232.103

🇺🇸 52.242.128.238

🇲🇾 47.254.248.7

🇩🇪 43.157.52.37

🇬🇧 35.203.211.64

🇷🇴 2.57.122.177

🇷🇺 193.232.59.91

🇷🇺 193.232.59.66

🇧🇷 179.187.71.170

🇪🇬 154.176.165.184

🇿🇦 105.28.108.165

🇺🇸 100.53.42.241

🇬🇧 89.37.172.142

🇮🇳 49.36.144.150

🇧🇷 43.157.149.188