JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:982b::1

2a06:a880:5:982b::1 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:982b::1

Whois 2a06:a880:5:982b::1

IP Abuse Reports for 2a06:a880:5:982b::1:

This IP address has been reported a total of 39 times from 20 distinct sources. 2a06:a880:5:982b::1 was first reported on June 18th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-22 10:52:13 (17 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-20 22:30:17 (2 days ago)		Brute-Force Web App Attack
Anonymous	2026-06-20 09:51:38 (2 days ago)	"GET /api/.env HTTP/1.1"	Hacking Web App Attack
Anonymous	2026-06-20 05:16:02 (2 days ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 03:32:16 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 23:32:11.437415 2026] [security2:error] [pid 4591:tid 4591] [client 2a06:a880:5:982b::1:42620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marxistphilosophy.org"] [uri "/.env.example"] [unique_id "ajYJuzAdbBjR9Jp3LbTkngAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 dtorrer	2026-06-20 02:36:50 (3 days ago)	General vulnerability scan.	Port Scan
🇦🇺 Anytech	2026-06-20 01:48:51 (3 days ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 01:32:39 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:32:32.050079 2026] [security2:error] [pid 26505:tid 26505] [client 2a06:a880:5:982b::1:35218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gubbio.name"] [uri "/.env"] [unique_id "ajXtsAOcXjfTYiglSXJk-QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:50:01 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:49:55.147493 2026] [security2:error] [pid 14132:tid 14132] [client 2a06:a880:5:982b::1:48708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stacyfarm.com"] [uri "/api/.env"] [unique_id "ajXVo-c-W-ZO-aQuWhai8QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-19 23:45:13 (3 days ago)	Try to access /api/.env	Web App Attack
🇩🇪 macrob	2026-06-19 22:36:14 (3 days ago)	2026/06/19 22:35:07 [error] 3130782#3130782: 317424030 access forbidden by rule, client: 2a06:a880: ... show more 2026/06/19 22:35:07 [error] 3130782#3130782: 317424030 access forbidden by rule, client: 2a06:a880:5:982b::1, server: binixo.com.ar, request: "GET /.env HTTP/2.0", host: "binixo.com.ar", referrer: "http://binixo.com.ar/.env" 2026/06/19 22:36:13 [error] 3130780#3130780: 317425137 access forbidden by rule, client: 2a06:a880:5:982b::1, server: binixo.com.ar, request: "GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.44 HTTP/2.0", host: "binixo.com.ar" 2026/06/19 22:36:13 [error] 3130780#3130780: 317425138 access forbidden by rule, client: 2a06:a880:5:982b::1, server: binixo.com.ar, request: "GET /wp-content/themes/donna/slick/slick.min.js HTTP/2.0", host: "binixo.com.ar" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 21:38:28 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 17:38:23.261225 2026] [security2:error] [pid 32315:tid 32315] [client 2a06:a880:5:982b::1:45404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.notariaarauco.cl"] [uri "/api/.env"] [unique_id "ajW2zxeVS5h9SG6bq2ElNgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 21:22:55 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:982b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 17:22:50.276128 2026] [security2:error] [pid 9944:tid 10017] [client 2a06:a880:5:982b::1:50456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gilesrentalcars.com"] [uri "/api/.env"] [unique_id "ajWzKptEZe-0xYanvOSCywAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-19 21:00:10 (3 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 ipblock.com	2026-06-19 20:29:00 (3 days ago)	IPBlock protected site ID [669-fx]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.93

🇩🇪 193.124.20.233

🇧🇷 187.17.228.218

🇨🇳 180.167.128.203

🇧🇪 91.86.88.24

🇺🇸 66.132.172.129

🇲🇾 49.125.201.80

🇺🇸 3.134.216.108

🇪🇹 213.55.79.195

🇪🇸 212.227.153.120

🇦🇷 190.112.110.19

🇨🇳 183.131.109.166

🇧🇷 177.11.196.84

🇻🇳 171.231.195.215

🇩🇪 167.94.145.24

🇰🇷 121.131.220.152

🇨🇦 85.217.149.41

🇩🇪 69.5.169.202

🇹🇯 46.20.203.222

🇺🇸 20.169.106.171