JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:b553::1

2a06:a880:5:b553::1 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 55%: ?

55%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:b553::1

Whois 2a06:a880:5:b553::1

IP Abuse Reports for 2a06:a880:5:b553::1:

This IP address has been reported a total of 13 times from 8 distinct sources. 2a06:a880:5:b553::1 was first reported on June 19th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-20 08:30:03 (1 hour ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-20 07:58:33 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:58:21.630333 2026] [security2:error] [pid 31141:tid 31141] [client 2a06:a880:5:b553::1:54564] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fiestadj.com.mx"] [uri "/.env"] [unique_id "ajZIHYOxD4F9aV0ObbYPFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 07:40:08 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:40:01.820287 2026] [security2:error] [pid 5496:tid 5496] [client 2a06:a880:5:b553::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.socialstudiesforkids.com"] [uri "/.env"] [unique_id "ajZD0fOfVvd9gCMMqsQUugAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 dtorrer	2026-06-20 07:01:55 (2 hours ago)	General vulnerability scan.	Port Scan
🇺🇸 horsemedia	2026-06-20 04:39:18 (5 hours ago)	probing for exploits /.aws/credentials	Web App Attack
🇩🇪 Skyrider	2026-06-20 01:23:40 (8 hours ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:26:02 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:25:56.113149 2026] [security2:error] [pid 27393:tid 27393] [client 2a06:a880:5:b553::1:58300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "silver-nm.com"] [uri "/.env"] [unique_id "ajXQBDS_Ceyj5kmPN9EXugAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 23:04:59 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:04:55.506189 2026] [security2:error] [pid 20081:tid 20081] [client 2a06:a880:5:b553::1:60600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jbaydeliveries.com"] [uri "/.env.example"] [unique_id "ajXLF77TAa2Xq4v-6oe5AAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 webko.si	2026-06-19 22:56:33 (10 hours ago)	DKK: Bruteforce web app access, URI detail: '/backend/.env'.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 21:57:42 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 17:57:35.714561 2026] [security2:error] [pid 5859:tid 5859] [client 2a06:a880:5:b553::1:56148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozkanturker.com"] [uri "/admin/.env"] [unique_id "ajW7T2eJrgIVxDHj8Ok92gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-06-19 21:41:55 (12 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 19:35:00 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:b553::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 15:34:54.601251 2026] [security2:error] [pid 8275:tid 8275] [client 2a06:a880:5:b553::1:60266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "henhousebbq.com"] [uri "/api/.env"] [unique_id "ajWZ3qfFS_oIDI9pHOhTtQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-19 18:50:02 (15 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 45.40.61.195

🇺🇸 23.92.25.114

🇮🇳 202.160.146.246

🇮🇩 180.243.6.105

🇦🇷 168.196.33.186

🇺🇸 162.216.150.51

🇨🇳 119.96.223.148

🇳🇬 102.91.78.50

🇮🇹 88.147.125.201

🇲🇽 38.65.170.195

🇸🇦 37.242.171.0

🇫🇷 37.58.136.133

🇳🇿 203.211.72.126

🇮🇶 198.160.168.243

🇷🇴 193.46.255.86

🇮🇳 182.95.47.2

🇫🇮 147.185.133.130

🇭🇰 114.111.52.109

🇸🇬 94.231.206.152

🇯🇴 86.108.92.78