JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:a502::1

2a06:a880:5:a502::1 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:a502::1

Whois 2a06:a880:5:a502::1

IP Abuse Reports for 2a06:a880:5:a502::1:

This IP address has been reported a total of 32 times from 18 distinct sources. 2a06:a880:5:a502::1 was first reported on June 19th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 soc-yk	2026-06-21 04:54:13 (1 day ago)	Type: suspicious_network_activity Risk: 98 Events: 56 Evidence: - Persistent suspicious network act ... show more Type: suspicious_network_activity Risk: 98 Events: 56 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇳🇱 Site.eu	2026-06-21 04:51:54 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 e.fierstra	2026-06-21 03:25:40 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 01:08:28 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:08:22.974346 2026] [security2:error] [pid 23933:tid 23933] [client 2a06:a880:5:a502::1:46102] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perthdps.com"] [uri "/.env.example"] [unique_id "ajc5hldSHpYcQzBQkZpFUQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-20 23:54:35 (1 day ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 23:40:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 19:39:57.681031 2026] [security2:error] [pid 26490:tid 26490] [client 2a06:a880:5:a502::1:39434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notariapenco.cl"] [uri "/.env"] [unique_id "ajckzVEZnOmgjwMUZWDysAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Skyrider	2026-06-20 23:23:19 (1 day ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 22:02:10 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:02:04.003844 2026] [security2:error] [pid 7464:tid 7464] [client 2a06:a880:5:a502::1:37850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jerusalem-korczak-home.com"] [uri "/.env"] [unique_id "ajcN3NuTSBcog9OtbDLKugAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:16:45 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:16:37.907824 2026] [security2:error] [pid 14431:tid 14431] [client 2a06:a880:5:a502::1:45026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wryemusings.com"] [uri "/.env.example"] [unique_id "ajcDNRbUosJRPUsLjhTt-wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-06-20 20:55:15 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 3600 secs show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-20 18:46:21 (1 day ago)	2a06:a880:5:a502::1 - - [20/Jun/2026:21:46:21 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 A ... show more 2a06:a880:5:a502::1 - - [20/Jun/2026:21:46:21 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 18:25:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 14:25:00.842678 2026] [security2:error] [pid 22598:tid 22598] [client 2a06:a880:5:a502::1:58114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riversidecabinswv.com"] [uri "/api/.env"] [unique_id "ajba_HO3TKjuhvky-IdcIQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 16:38:38 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a502::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 12:38:31.354665 2026] [security2:error] [pid 12231:tid 12231] [client 2a06:a880:5:a502::1:42714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jambmaster.com"] [uri "/api/.env"] [unique_id "ajbCB1uIHb-AQGb1-T082QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Anytech	2026-06-20 13:57:54 (1 day ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
Anonymous	2026-06-20 09:37:42 (1 day ago)	2a06:a880:5:a502::1 - - [20/Jun/2026:11:34:59 +0200] "GET /application.yml HTTP/2.0" 403 302 "-" "Mo ... show more 2a06:a880:5:a502::1 - - [20/Jun/2026:11:34:59 +0200] "GET /application.yml HTTP/2.0" 403 302 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" show less	Web Spam Blog Spam Brute-Force Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e90:6001

🇩🇪 167.94.146.77

🇮🇹 151.0.154.194

🇻🇳 14.188.242.215

🇰🇷 218.149.228.148

🇺🇸 195.184.76.115

🇺🇸 195.184.76.112

🇵🇪 181.64.4.201

🇧🇷 179.48.7.247

🇦🇹 156.146.61.34

🇹🇼 123.58.205.100

🇻🇳 113.191.98.98

🇻🇳 113.190.170.91

🇨🇳 106.75.164.40

🇩🇪 78.111.67.247

🇺🇸 66.132.186.182

🇷🇴 2.57.122.177

🇪🇹 196.189.124.229

🇷🇴 193.32.162.82

🇸🇦 188.55.193.51