JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:27dc::1

2a06:a880:5:27dc::1 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 92%: ?

92%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:27dc::1

Whois 2a06:a880:5:27dc::1

IP Abuse Reports for 2a06:a880:5:27dc::1:

This IP address has been reported a total of 35 times from 15 distinct sources. 2a06:a880:5:27dc::1 was first reported on June 18th 2026, and the most recent report was 27 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 juutis	2026-06-19 04:07:43 (27 minutes ago)	Multiple WAF abuses - IP blocked	Hacking Brute-Force Web App Attack
🇩🇪 Reinhard	2026-06-19 03:58:28 (37 minutes ago)	Unknown activity, but too many attacks with too many users.	Hacking
🇺🇸 TPI-Abuse	2026-06-19 03:27:59 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 23:27:52.043597 2026] [security2:error] [pid 28312:tid 28312] [client 2a06:a880:5:27dc::1:52600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.logosformacion.net"] [uri "/api/.env"] [unique_id "ajS3OCbP1ocaa1zm07Be8QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 02:28:55 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 22:28:48.558947 2026] [security2:error] [pid 6578:tid 6578] [client 2a06:a880:5:27dc::1:60946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.legalnexuslawfirm.com"] [uri "/api/.env"] [unique_id "ajSpYP8CK9mPIB-A6EQ0BQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 01:50:12 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 21:50:06.335391 2026] [security2:error] [pid 1743:tid 1743] [client 2a06:a880:5:27dc::1:41340] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lakewoodranchhairsalon.com"] [uri "/.env.local"] [unique_id "ajSgTu7x782LA1vugY-WtgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Kinsei Engineering Inc.	2026-06-19 00:40:35 (3 hours ago)	nginx:Illicit login attempts to the CMS, or investigation into CMS plugins with vulnerabilities.	Brute-Force Web Spam Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 00:33:12 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 20:33:00.087664 2026] [security2:error] [pid 3999:tid 4007] [client 2a06:a880:5:27dc::1:44240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.killasgarage.bike"] [uri "/.env.example"] [unique_id "ajSOPBHLFsQg14-Bf5ZjaAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-19 00:06:45 (4 hours ago)	(modsecurity) srv104 ModSecurity 2a06:a880:5:27dc::1 (NL/The Netherlands/-): 10 in the last 3600 sec ... show more (modsecurity) srv104 ModSecurity 2a06:a880:5:27dc::1 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇳🇱 e.fierstra	2026-06-19 00:01:12 (4 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 23:08:34 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 19:08:27.664397 2026] [security2:error] [pid 941:tid 941] [client 2a06:a880:5:27dc::1:49584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jiffycareers.com"] [uri "/.env"] [unique_id "ajR6a15KD4zlBCjqyhZweAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-06-18 23:00:17 (5 hours ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇩🇪 LRob.fr	2026-06-18 23:00:04 (5 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-18 22:47:28 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:47:21.977371 2026] [security2:error] [pid 20596:tid 20596] [client 2a06:a880:5:27dc::1:43642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jambmaster.com"] [uri "/.env"] [unique_id "ajR1ebgd02KoZcQ2rX0B9gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-06-18 21:48:09 (6 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 21:11:02 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:27dc::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:10:57.020124 2026] [security2:error] [pid 17936:tid 17936] [client 2a06:a880:5:27dc::1:51524] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ictsl.net"] [uri "/api/.env"] [unique_id "ajRe4d7mh39o3vTMpXxXLAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 163.223.244.3

🇺🇸 152.32.233.135

🇷🇺 188.162.248.108

🇺🇸 172.236.96.130

🇧🇷 168.227.224.197

🇹🇼 128.14.229.76

🇭🇰 123.58.213.128

🇨🇳 101.96.234.229

🇳🇱 81.19.216.104

🇺🇸 65.49.1.168

🇸🇪 31.59.160.12

🇩🇪 2a01:4f8:150:13a5::100:6

🇰🇪 197.231.178.154

🇺🇸 173.255.223.49

🇻🇳 171.231.194.181

🇺🇸 104.243.35.45

🇩🇪 69.5.169.220

🇺🇸 66.132.172.137

🇰🇷 49.247.36.49

🇳🇱 45.142.193.53