JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:7b4b::1

2a06:a880:5:7b4b::1 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 64%: ?

64%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:7b4b::1

Whois 2a06:a880:5:7b4b::1

IP Abuse Reports for 2a06:a880:5:7b4b::1:

This IP address has been reported a total of 15 times from 10 distinct sources. 2a06:a880:5:7b4b::1 was first reported on June 19th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 07:13:16 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:13:09.020851 2026] [security2:error] [pid 25155:tid 25155] [client 2a06:a880:5:7b4b::1:53000] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "landjudging.com"] [uri "/.env.example"] [unique_id "ajY9hS9ku8Ic9SyAi0JtOgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 06:39:46 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 02:39:41.059259 2026] [security2:error] [pid 20739:tid 20739] [client 2a06:a880:5:7b4b::1:49858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "james.ahlstrom.name"] [uri "/api/.env"] [unique_id "ajY1rRlBHow-12TBFwd8jwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-20 03:57:58 (6 hours ago)	[SatJun2005:57:52.8003822026][security2:error][pid2406918:tid2406989][client2a06:a880:5:7b4b::1:0]Mo ... show more [SatJun2005:57:52.8003822026][security2:error][pid2406918:tid2406989][client2a06:a880:5:7b4b::1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"www.parrocchiaditesserete.ch\"][uri\"/api/.env\"][unique_id\"ajYPwI5-1gPvLRbirtAASwAAAIo\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 01:20:06 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:20:02.213578 2026] [security2:error] [pid 10572:tid 10572] [client 2a06:a880:5:7b4b::1:45010] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.3905ccn.org"] [uri "/api/.env"] [unique_id "ajXqwql6gT4tBtwIiEFRvgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:03:05 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:02:59.518271 2026] [security2:error] [pid 14885:tid 14885] [client 2a06:a880:5:7b4b::1:37630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.poland-yacht-registration.com"] [uri "/api/.env"] [unique_id "ajXKo3pHzKt1d8A8NBbPOgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-19 22:29:58 (11 hours ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 20:56:34 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 16:56:28.390802 2026] [security2:error] [pid 28614:tid 28614] [client 2a06:a880:5:7b4b::1:36688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bassboatmagazine.com"] [uri "/api/.env"] [unique_id "ajWs_LsUO1MXFqPOxmCMkgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 todix	2026-06-19 20:55:28 (13 hours ago)	Web App Attack Exploid from 2a06:a880:5:7b4b::1	Web App Attack
🇩🇪 macrob	2026-06-19 20:47:57 (13 hours ago)	2026/06/19 20:47:50 [error] 3130779#3130779: 317288790 access forbidden by rule, client: 2a06:a880: ... show more 2026/06/19 20:47:50 [error] 3130779#3130779: 317288790 access forbidden by rule, client: 2a06:a880:5:7b4b::1, server: binixo.pl, request: "GET /api/.env HTTP/2.0", host: "binixo.pl" 2026/06/19 20:47:55 [error] 3130780#3130780: 317286173 access forbidden by rule, client: 2a06:a880:5:7b4b::1, server: binixo.pl, request: "GET /.env.production HTTP/2.0", host: "binixo.pl" 2026/06/19 20:47:56 [error] 3130779#3130779: 317283003 access forbidden by rule, client: 2a06:a880:5:7b4b::1, server: binixo.pl, request: "GET /.env.local HTTP/2.0", host: "binixo.pl" ... show less	Web App Attack
🇪🇸 alferez	2026-06-19 20:46:17 (13 hours ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇩🇪 Hazzard	2026-06-19 19:49:59 (14 hours ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
Anonymous	2026-06-19 19:24:38 (14 hours ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /.env.bak	Web App Attack
🇳🇱 e.fierstra	2026-06-19 19:07:41 (14 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 18:09:23 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:7b4b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 14:09:11.826675 2026] [security2:error] [pid 7351:tid 7351] [client 2a06:a880:5:7b4b::1:51328] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casadelsolmexico.net"] [uri "/.env"] [unique_id "ajWFxwgmj0-CK9ukFHHSbwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-19 18:00:06 (16 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 186.96.158.180

🇧🇷 179.184.241.69

🇧🇷 177.220.181.135

🇺🇦 79.143.45.75

🇦🇿 37.114.176.12

🇧🇬 193.24.211.107

🇺🇸 165.154.172.204

🇭🇰 152.32.239.90

🇫🇮 147.185.133.123

🇫🇷 51.159.149.103

🇫🇷 37.59.204.130

🇳🇵 27.34.73.44

🇯🇵 8.216.7.76

🇮🇷 217.219.70.92

🇮🇳 164.100.149.249

🇮🇳 103.192.64.214

🇷🇺 92.53.64.192

🇺🇸 91.230.168.122

🇳🇱 45.148.10.147

🇳🇱 34.32.217.126