JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:393b::1

2a06:a880:5:393b::1 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:393b::1

Whois 2a06:a880:5:393b::1

IP Abuse Reports for 2a06:a880:5:393b::1:

This IP address has been reported a total of 41 times from 20 distinct sources. 2a06:a880:5:393b::1 was first reported on June 27th 2026, and the most recent report was 37 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-06-30 02:35:08 (37 minutes ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 4server	2026-06-29 17:23:57 (9 hours ago)	[MonJun2919:23:50.5470262026][security2:error][pid3308500:tid3308637][client2a06:a880:5:393b::1:0]Mo ... show more [MonJun2919:23:50.5470262026][security2:error][pid3308500:tid3308637][client2a06:a880:5:393b::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"nuovosito.gruppobalu.com\"][uri\"/.git/HEAD\"][unique_id\"akKqJl7-1uMg88iVjsQuSgAAARY\"] show less	Port Scan Brute-Force Web App Attack
🇫🇮 oh.mg	2026-06-29 17:23:55 (9 hours ago)	[Mon Jun 29 19:23:54.893602 2026] [security2:error] [pid 1701387:tid 1701390] [client 2a06:a880:5:39 ... show more [Mon Jun 29 19:23:54.893602 2026] [security2:error] [pid 1701387:tid 1701390] [client 2a06:a880:5:393b::1:58800] [client 2a06:a880:5:393b::1] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "nei.lol"] [uri "/.git/HEAD"] [unique_id "akKqKjvIxCGNPkXNLN0aOgAAAIE"] [Mon Jun 29 19:23:54.893610 2026] [security2:error] [pid 1700497:tid 1700507] [client 2a06:a880:5:393b::1:58786] [client 2a06:a880:5:393b::1] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_ ... show less	Web App Attack Bad Web Bot
🇦🇺 Anytech	2026-06-29 16:19:01 (10 hours ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 11:57:57 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:57:48.401967 2026] [security2:error] [pid 3904:tid 3904] [client 2a06:a880:5:393b::1:39958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ngm.office-on-the.net.anthonyanimalclinic.net"] [uri "/.git/HEAD"] [unique_id "akJdvETq9j_V7bgH8q8NEAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Lezetho	2026-06-29 09:00:23 (18 hours ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
Anonymous	2026-06-29 06:30:02 (20 hours ago)	CrowdSec decision: crowdsecurity/http-probing (origin: crowdsec)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 18:56:57 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:56:49.358754 2026] [security2:error] [pid 13366:tid 13366] [client 2a06:a880:5:393b::1:38076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pianissimo-pp.com.globalvillagecambodia.org"] [uri "/.env"] [unique_id "akFucS5SUWfRb653uNl5gQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 17:36:14 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:36:07.402670 2026] [security2:error] [pid 28023:tid 28023] [client 2a06:a880:5:393b::1:40028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "positivecreatespositive.zavijava.net"] [uri "/.env.local"] [unique_id "akFbh7MtBE1JfW4C4Hg7oAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 16:32:04 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:31:51.843746 2026] [security2:error] [pid 13454:tid 13454] [client 2a06:a880:5:393b::1:58734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "resume.alexsource.com"] [uri "/.git/HEAD"] [unique_id "akFMdxftEha69M-gDTP6PAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-28 16:16:22 (1 day ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 16:11:42 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:11:38.981596 2026] [security2:error] [pid 23811:tid 23811] [client 2a06:a880:5:393b::1:58830] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reinosus.com.verdadesreales.com"] [uri "/.git/HEAD"] [unique_id "akFHumWWTspC1T6axMC4tgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-28 15:57:57 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 big-cloud.nl	2026-06-28 15:38:13 (1 day ago)	Try to access /.git/HEAD	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 15:20:01 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:393b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:19:54.876293 2026] [security2:error] [pid 21175:tid 21175] [client 2a06:a880:5:393b::1:38646] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "publications.flyingdodostudio.com"] [uri "/.env"] [unique_id "akE7mtie7_nuXdIZlngYHwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2600:3c02::2000:c1ff:fe57:cede

🇧🇪 198.235.24.204

🇺🇸 195.184.76.177

🇨🇴 190.255.34.218

🇬🇧 157.245.36.108

🇹🇼 61.231.226.182

🇧🇷 2800:3f0:4001:c02::126

🇨🇳 219.159.100.206

🇳🇱 204.76.203.222

🇺🇸 172.59.182.50

🇺🇸 66.132.224.29

🇳🇱 45.198.224.5

🇺🇸 34.216.143.69

🇺🇸 216.25.89.86

🇸🇬 161.118.221.77

🇺🇸 147.185.132.195

🇮🇳 115.243.248.82

🇳🇬 102.221.237.6

🇮🇹 93.34.5.148

🇬🇧 89.37.172.147