JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:641d::1

2a06:a880:5:641d::1 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 44%: ?

44%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:641d::1

Whois 2a06:a880:5:641d::1

IP Abuse Reports for 2a06:a880:5:641d::1:

This IP address has been reported a total of 10 times from 6 distinct sources. 2a06:a880:5:641d::1 was first reported on June 18th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 02:39:29 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 22:39:24.551969 2026] [security2:error] [pid 6529:tid 6529] [client 2a06:a880:5:641d::1:40680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bahamascruisersguide.com"] [uri "/.env.example"] [unique_id "ajSr3CHKQQBk2uTAEMNM3QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 00:53:45 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 20:53:41.010164 2026] [security2:error] [pid 24363:tid 24363] [client 2a06:a880:5:641d::1:57272] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atame.com"] [uri "/.env"] [unique_id "ajSTFaFMMrqn7xiC1D-_HQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Major Hostility	2026-06-19 00:15:12 (11 hours ago)	"GET /api/.env HTTP/1.1" 404 "GET /.env.example HTTP/1.1" 404 "GET /google-services.json HTTP/1.1" 4 ... show more "GET /api/.env HTTP/1.1" 404 "GET /.env.example HTTP/1.1" 404 "GET /google-services.json HTTP/1.1" 404 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 21:39:42 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:39:35.670098 2026] [security2:error] [pid 21491:tid 21491] [client 2a06:a880:5:641d::1:36872] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "animatuevento.com.mx"] [uri "/.env"] [unique_id "ajRllzA1c8hbgBZsD3CF8wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-18 19:38:22 (15 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 18:42:45 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:42:37.834729 2026] [security2:error] [pid 18501:tid 18501] [client 2a06:a880:5:641d::1:46608] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adrienberthaud.com"] [uri "/.env.example"] [unique_id "ajQ8Hc5sPVKIpW-HMwUDGgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 6kilowatti	2026-06-18 16:05:44 (19 hours ago)	2a06:a880:5:641d::1 - - [18/Jun/2026:19:05:43 +0300] "GET /secrets.yml HTTP/1.1" 404 60 "-" "Mozilla ... show more 2a06:a880:5:641d::1 - - [18/Jun/2026:19:05:43 +0300] "GET /secrets.yml HTTP/1.1" 404 60 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 15:38:34 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:641d::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:38:30.299034 2026] [security2:error] [pid 12687:tid 12687] [client 2a06:a880:5:641d::1:37922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "5starfluffandfold.com"] [uri "/.env"] [unique_id "ajQQ9qhGn4Ut8Q3pxtAW2QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2026-06-18 15:17:56 (20 hours ago)	2a06:a880:5:641d::1 - - [18/Jun/2026:16:17:50 +0100] "GET /.aws/credentials HTTP/1.1" 404 51186 "-" ... show more 2a06:a880:5:641d::1 - - [18/Jun/2026:16:17:50 +0100] "GET /.aws/credentials HTTP/1.1" 404 51186 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" ... show less	Bad Web Bot
🇮🇹 VHosting	2026-06-18 14:55:03 (20 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 183.82.145.55

🇮🇳 168.144.81.184

🇫🇮 147.185.133.183

🇮🇩 103.186.193.163

🇨🇳 42.180.4.166

🇭🇰 23.91.97.170

🇮🇳 20.244.18.126

🇺🇸 198.62.4.224

🇷🇺 194.226.139.194

🇰🇭 175.100.35.103

🇺🇸 172.234.25.243

🇮🇩 103.185.43.218

🇮🇳 103.169.154.4

🇷🇺 95.167.225.76

🇺🇸 74.7.241.0

🇨🇳 218.93.165.83

🇩🇪 167.94.146.38

🇺🇸 162.216.150.9

🇧🇷 129.121.50.245

🇨🇳 119.114.58.169