JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:244a::1

2a06:a880:5:244a::1 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 80%: ?

80%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:244a::1

Whois 2a06:a880:5:244a::1

IP Abuse Reports for 2a06:a880:5:244a::1:

This IP address has been reported a total of 26 times from 14 distinct sources. 2a06:a880:5:244a::1 was first reported on June 19th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-22 10:55:35 (2 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-21 06:26:25 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-21 03:50:25 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 23:50:20.343365 2026] [security2:error] [pid 24121:tid 24121] [client 2a06:a880:5:244a::1:52758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebrotherhoodlounge.com"] [uri "/.env.example"] [unique_id "ajdffFWh1727vk8IfVHHRAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-21 02:25:05 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 00:55:04 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 20:54:57.063231 2026] [security2:error] [pid 22017:tid 22017] [client 2a06:a880:5:244a::1:58946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexgitlin.com"] [uri "/.env"] [unique_id "ajc2YfREUlcuceXvLpSiAAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 23:14:26 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 19:14:21.127381 2026] [security2:error] [pid 23536:tid 23573] [client 2a06:a880:5:244a::1:58284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "venezuelaguia.com"] [uri "/.env"] [unique_id "ajcezTe0DJD_5o3l5vcoKAAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-20 22:30:15 (3 days ago)		Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-20 22:15:03 (3 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-20 22:07:24 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:07:19.755018 2026] [security2:error] [pid 29355:tid 29362] [client 2a06:a880:5:244a::1:58094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seracon.com.ec"] [uri "/.env"] [unique_id "ajcPF1yM9PBZlM8ToDcYkwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-20 22:00:12 (3 days ago)	2a06:a880:5:244a::1 - - [21/Jun/2026:01:00:08 +0300] "GET /api/.env HTTP/1.1" 404 4646 "-" "Mozilla/ ... show more 2a06:a880:5:244a::1 - - [21/Jun/2026:01:00:08 +0300] "GET /api/.env HTTP/1.1" 404 4646 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" 2a06:a880:5:244a::1 - - [21/Jun/2026:01:00:11 +0300] "GET /.env HTTP/1.1" 404 650 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)" ... show less	Web App Attack
🇮🇹 VHosting	2026-06-20 21:40:02 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:29:32 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:29:25.684496 2026] [security2:error] [pid 4827:tid 4827] [client 2a06:a880:5:244a::1:36306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bahamascruisersguide.com"] [uri "/.env"] [unique_id "ajcGNSO77XxfbdyrBQ1fswAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:01:55 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:244a::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:01:50.012908 2026] [security2:error] [pid 11350:tid 11350] [client 2a06:a880:5:244a::1:43602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ictsl.net"] [uri "/.env.production"] [unique_id "ajb_vhhR-W9tsAuq-0VFDQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-20 19:42:09 (3 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇩🇪 big-cloud.nl	2026-06-20 12:36:09 (4 days ago)	Try to access /.env	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 156.70.5.184

🇺🇸 66.132.195.35

🇺🇸 216.25.89.134

🇩🇪 213.209.159.83

🇦🇹 212.152.181.201

🇻🇳 103.237.144.204

🇺🇸 67.207.84.8

🇫🇷 51.77.158.34

🇨🇳 36.99.46.101

🇺🇸 34.123.97.235

🇨🇳 223.109.252.223

🇩🇪 213.209.159.241

🇹🇷 212.252.76.55

🇰🇷 211.251.245.88

🇰🇷 211.178.165.251

🇺🇸 205.210.31.31

🇺🇸 172.202.26.119

🇰🇷 119.201.59.224

🇮🇳 103.159.43.244

🇰🇪 102.210.149.105