JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:a919::1

2a06:a880:5:a919::1 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 84%: ?

84%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:a919::1

Whois 2a06:a880:5:a919::1

IP Abuse Reports for 2a06:a880:5:a919::1:

This IP address has been reported a total of 36 times from 21 distinct sources. 2a06:a880:5:a919::1 was first reported on June 2nd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Blexyel	2026-06-04 21:40:22 (1 week ago)	2a06:a880:5:a919::1 - - [04/Jun/2026:23:40:22 +0200] "GET /.git/config HTTP/1.1" 404 435 "-" "Mozill ... show more 2a06:a880:5:a919::1 - - [04/Jun/2026:23:40:22 +0200] "GET /.git/config HTTP/1.1" 404 435 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" "share.fomx.gay" ... show less	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-04 21:12:40 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 Ba-Yu	2026-06-04 20:26:27 (1 week ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇳🇱 Webhoster	2026-06-04 20:24:36 (1 week ago)	{"ClientAddr":"104.23.166.7:12129","ClientHost":"2a06:a880:5:a919::1","ClientPort":"12129","ClientUs ... show more {"ClientAddr":"104.23.166.7:12129","ClientHost":"2a06:a880:5:a919::1","ClientPort":"12129","ClientUsername":"-","DownstreamContentSize":24,"DownstreamStatus":404,"Duration":835286,"OriginContentSize":24,"OriginDuration":684122,"OriginStatus":404,"Overhead":151164,"RequestAddr":"sftp.timvdberg.dev","RequestContentSize":0,"RequestCount":152041,"RequestHost":"sftp.timvdberg.dev","RequestMethod":"GET","RequestPath":"/.env","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"RouterName":"sftpgo@docker","ServiceAddr":"172.16.16.11:8080","ServiceName":"sftpgo@docker","ServiceURL":"http://172.16.16.11:8080","StartLocal":"2026-06-04T20:24:35.427788873Z","StartUTC":"2026-06-04T20:24:35.427788873Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"https","level":"info","msg":"","request_Cf-Connecting-Ip":"2a06:a880:5:a919::1","request_X-Forwarded-For":"2a06:a880:5:a919::1","request_X-Real-Ip":"104.23.166.7","time":"2026-06-04T20:24:35Z ... show less	Port Scan Hacking Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-04 15:07:58 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 LRob.fr	2026-06-04 15:00:05 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇦🇺 Anytech	2026-06-04 14:01:09 (1 week ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇺🇸 oralunal	2026-06-04 13:43:26 (1 week ago)	IP banned by Fail2Ban in jail ah-suss access.log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 13:20:53 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a919::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a919::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:20:45.526669 2026] [security2:error] [pid 27122:tid 27122] [client 2a06:a880:5:a919::1:33802] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lovingangelicreiki.com"] [uri "/.git/config"] [unique_id "aiF7rT2k31TeguzVqOXLhgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:43:13 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a919::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a919::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:43:10.755109 2026] [security2:error] [pid 5426:tid 5426] [client 2a06:a880:5:a919::1:46712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luvmypuggle.com"] [uri "/.git/HEAD"] [unique_id "aiFy3thppwYWQw6Y6TgBdwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-04 12:28:33 (1 week ago)	(modsecurity) srv102 ModSecurity 2a06:a880:5:a919::1 (NL/The Netherlands/-): 10 in the last 3600 sec ... show more (modsecurity) srv102 ModSecurity 2a06:a880:5:a919::1 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-03 22:03:01 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-02. show less	Web App Attack SSH Hacking
🇩🇪 gadix	2026-06-03 17:29:05 (1 week ago)	[03/Jun/2026:19:29:03.820511 +0200] aiBkX7ziVQbCUC8_cM6AKwAAAAs 2a06:a880:5:a919::1 44994 127.0.0.1 ... show more [03/Jun/2026:19:29:03.820511 +0200] aiBkX7ziVQbCUC8_cM6AKwAAAAs 2a06:a880:5:a919::1 44994 127.0.0.1 7081 [03/Jun/2026:19:29:03.825034 +0200] aiBkX69JpQ9ZnsgkI33m-QAAABQ 2a06:a880:5:a919::1 45010 127.0.0.1 7081 [03/Jun/2026:19:29:03.835251 +0200] aiBkX9QmYBIYlE_3txwpmwAAAAo 2a06:a880:5:a919::1 45024 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 17:20:41 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a919::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:a919::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:20:33.223347 2026] [security2:error] [pid 10569:tid 10569] [client 2a06:a880:5:a919::1:53300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cloudex.click"] [uri "/.env"] [unique_id "aiBiYaNXf4mZ8jRJRZOPuwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-03 17:20:39 (1 week ago)	(modsecurity) srv103 ModSecurity 2a06:a880:5:a919::1 (NL/The Netherlands/-): 10 in the last 3600 sec ... show more (modsecurity) srv103 ModSecurity 2a06:a880:5:a919::1 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇺🇸 205.210.31.36

🇲🇽 187.216.224.85

🇷🇺 178.178.222.50

🇵🇰 119.152.102.54

🇨🇳 119.120.91.95

🇮🇳 103.112.213.190

🇨🇦 3.99.247.35

🇳🇱 193.176.31.248

🇮🇶 185.166.25.150

🇧🇷 181.223.161.117

🇺🇸 129.146.123.189

🇳🇱 93.174.93.12

🇫🇷 91.231.89.211

🇫🇷 91.231.89.107

🇱🇹 81.30.98.158

🇺🇸 64.23.209.197

🇨🇳 58.59.101.110

🇩🇪 47.254.144.111

🇧🇷 43.164.196.114