JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:9383::1

2a06:a880:5:9383::1 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:9383::1

Whois 2a06:a880:5:9383::1

IP Abuse Reports for 2a06:a880:5:9383::1:

This IP address has been reported a total of 36 times from 18 distinct sources. 2a06:a880:5:9383::1 was first reported on June 18th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-21 14:16:22 (7 hours ago)	Blocked by UFW (TCP on 80) Source port: 41804 Packet length: 80 This report (for 2a06:a880:0005:938 ... show more Blocked by UFW (TCP on 80) Source port: 41804 Packet length: 80 This report (for 2a06:a880:0005:9383:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2026-06-20 09:44:11 (1 day ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 04:57:42 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 00:57:36.847737 2026] [security2:error] [pid 19447:tid 19447] [client 2a06:a880:5:9383::1:39974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thevenicecafe.com"] [uri "/.env"] [unique_id "ajYdwPiEDSPeOQzCC3B3uQAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-20 04:45:04 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-20 00:30:12 (1 day ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇬🇧 Marten Mark	2026-06-20 00:27:47 (1 day ago)	2a06:a880:5:9383::1 - - [20/Jun/2026:00:27:47 +0000] "GET /.aws/credentials HTTP/2.0" 404 24193 "-" ... show more 2a06:a880:5:9383::1 - - [20/Jun/2026:00:27:47 +0000] "GET /.aws/credentials HTTP/2.0" 404 24193 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" ... show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-19 23:43:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:42:58.653092 2026] [security2:error] [pid 13103:tid 13103] [client 2a06:a880:5:9383::1:43178] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savoiapower.com"] [uri "/.env"] [unique_id "ajXUAgUI6K51Rc_DVEvU8QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:00:57 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:00:53.409006 2026] [security2:error] [pid 8095:tid 8095] [client 2a06:a880:5:9383::1:34270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ozkanturker.com"] [uri "/.env.example"] [unique_id "ajXKJWWTBUd0tj4A5YKMZgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 22:56:41 (1 day ago)	2a06:a880:5:9383::1 - - [19/Jun/2026:19:56:40 -0300] "GET /.env HTTP/2.0" 403 153 "-" "Mozilla/5.0 A ... show more 2a06:a880:5:9383::1 - - [19/Jun/2026:19:56:40 -0300] "GET /.env HTTP/2.0" 403 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]" 2a06:a880:5:9383::1 - - [19/Jun/2026:19:56:40 -0300] "GET /.env.example HTTP/2.0" 403 153 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" ... show less	Port Scan
🇬🇧 Aetherweb Ark	2026-06-19 22:25:17 (1 day ago)	(mod_security) mod_security (id:949110) triggered by 2a06:a880:5:9383::1 (Unknown): N in the last X ... show more (mod_security) mod_security (id:949110) triggered by 2a06:a880:5:9383::1 (Unknown): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:05:23 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:05:19.655559 2026] [security2:error] [pid 12007:tid 12007] [client 2a06:a880:5:9383::1:41228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/.env.production"] [unique_id "ajW9HyybhM_dADmNBrehmwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-06-19 21:02:57 (2 days ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇩🇪 Ba-Yu	2026-06-19 20:27:08 (2 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 19:49:14 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:9383::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 15:49:06.041962 2026] [security2:error] [pid 1908:tid 2024] [client 2a06:a880:5:9383::1:44530] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seracon.com.ec"] [uri "/.env"] [unique_id "ajWdMh_UcHDronvy8SPPFAAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 juutis	2026-06-19 18:53:58 (2 days ago)	Multiple WAF abuses - IP blocked	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 180.94.20.24

🇧🇩 103.174.215.56

🇺🇸 66.132.186.188

🇳🇱 45.148.10.157

🇳🇱 45.148.10.152

🇺🇸 44.22.81.178

🇵🇱 2400:cb00:1056:1000:b6cd:6700:5050:c749

🇧🇪 198.235.24.206

🇵🇱 172.64.200.139

🇫🇷 147.135.220.202

🇨🇳 111.1.111.163

🇫🇷 85.217.140.10

🇺🇸 62.204.35.140

🇨🇳 58.49.113.138

🇵🇱 54.38.52.18

🇸🇬 47.128.24.8

🇳🇱 45.198.224.5

🇺🇸 44.201.22.67

🇹🇼 198.235.24.48

🇯🇵 180.15.159.130