JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:48b6::1

2a06:a880:5:48b6::1 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 95%: ?

95%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:48b6::1

Whois 2a06:a880:5:48b6::1

IP Abuse Reports for 2a06:a880:5:48b6::1:

This IP address has been reported a total of 29 times from 18 distinct sources. 2a06:a880:5:48b6::1 was first reported on June 19th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-22 22:03:01 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-21. show less	Web App Attack SSH Hacking
🇩🇪 ger-stg-sifi1	2026-06-21 17:06:49 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 16:22:35 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 12:22:28.121554 2026] [security2:error] [pid 30931:tid 30931] [client 2a06:a880:5:48b6::1:56800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hoofprints.us"] [uri "/.env"] [unique_id "ajgPxIW6ra8XVq_1C6ArkwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Aetherweb Ark	2026-06-21 16:12:26 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 2a06:a880:5:48b6::1 (Unknown): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 2a06:a880:5:48b6::1 (Unknown): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 12:48:01 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 08:47:56.188781 2026] [security2:error] [pid 4076:tid 4076] [client 2a06:a880:5:48b6::1:55514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carefreesol.com"] [uri "/api/.env"] [unique_id "ajfdfJnADbwYPO1D9WV6SAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 03:14:34 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 23:14:25.748100 2026] [security2:error] [pid 2057:tid 2057] [client 2a06:a880:5:48b6::1:45968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doctorc.net"] [uri "/api/.env"] [unique_id "ajdXEa44iCKxcdK1B7Nf6AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 01:17:07 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:17:01.552507 2026] [security2:error] [pid 14681:tid 14681] [client 2a06:a880:5:48b6::1:49106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alexgitlin.com"] [uri "/api/.env"] [unique_id "ajc7ja-dpd5LxyHalnVmxAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-21 00:20:42 (3 days ago)	2a06:a880:5:48b6::1 - - [21/Jun/2026:03:20:42 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 ( ... show more 2a06:a880:5:48b6::1 - - [21/Jun/2026:03:20:42 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" 2a06:a880:5:48b6::1 - - [21/Jun/2026:03:20:42 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "anthropic-ai" ... show less	Web App Attack
Anonymous	2026-06-20 20:48:57 (3 days ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 19:39:19 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:39:15.863798 2026] [security2:error] [pid 15485:tid 15485] [client 2a06:a880:5:48b6::1:39906] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adrienberthaud.com"] [uri "/api/.env"] [unique_id "ajbsY9pYEXJK2g-7W1S_WwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-20 19:30:06 (3 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 H24	2026-06-20 16:53:46 (3 days ago)	probing for secrets/config files /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 16:45:04 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 12:44:59.532174 2026] [security2:error] [pid 20144:tid 20144] [client 2a06:a880:5:48b6::1:58918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "normsrotorservice.com"] [uri "/.env.production"] [unique_id "ajbDiy2K0Y05wDC4MJGVUwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 14:38:39 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:48b6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 10:38:32.957626 2026] [security2:error] [pid 17948:tid 17948] [client 2a06:a880:5:48b6::1:45840] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ideaofauniversity.website"] [uri "/api/.env"] [unique_id "ajal6IJuyRWVmmSIcNfSCgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 alferez	2026-06-20 13:26:23 (3 days ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.181

🇨🇳 111.26.6.111

🇺🇸 205.210.31.79

🇺🇸 162.216.150.215

🇮🇩 125.167.18.221

🇨🇳 125.80.219.209

🇨🇳 120.195.31.217

🇰🇷 112.184.14.127

🇮🇳 103.181.151.9

🇺🇸 91.230.168.58

🇫🇷 91.196.152.100

🇨🇦 85.217.149.32

🇫🇷 83.171.226.124

🇺🇸 66.132.186.244

🇸🇬 34.143.236.255

🇺🇸 209.90.232.26

🇧🇷 205.210.31.150

🇺🇸 205.210.31.60

🇧🇷 191.210.133.134

🇧🇷 190.83.33.19