JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a06:a880:5:eff5::1

2a06:a880:5:eff5::1 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 86%: ?

86%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	STYLISH BY A&L SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	07internet.ro
Country	🇳🇱 Netherlands
City	The Hague, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a06:a880:5:eff5::1

Whois 2a06:a880:5:eff5::1

IP Abuse Reports for 2a06:a880:5:eff5::1:

This IP address has been reported a total of 35 times from 15 distinct sources. 2a06:a880:5:eff5::1 was first reported on June 18th 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-22 10:54:21 (19 hours ago)	Multiple WAF Violations	Web App Attack
🇩🇪 LRob.fr	2026-06-20 11:45:03 (2 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-20 10:50:07 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 06:49:57.183989 2026] [security2:error] [pid 24658:tid 24658] [client 2a06:a880:5:eff5::1:50226] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testrong.com"] [uri "/.env"] [unique_id "ajZwVUSxsa7xMF1c_V2NWwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 09:24:02 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:23:57.001795 2026] [security2:error] [pid 3505:tid 3505] [client 2a06:a880:5:eff5::1:39030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.powerkiteforum.com"] [uri "/api/.env"] [unique_id "ajZcLZYqttXH4KpBH2Dd4gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 08:35:54 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:35:49.387492 2026] [security2:error] [pid 1997:tid 1997] [client 2a06:a880:5:eff5::1:54884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theneighborswindow.com"] [uri "/.env.example"] [unique_id "ajZQ5do0GTF07Hp75nIG5AAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 08:12:50 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:12:47.080603 2026] [security2:error] [pid 8204:tid 8204] [client 2a06:a880:5:eff5::1:57878] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.natural-history-conservation.com"] [uri "/.env"] [unique_id "ajZLf_E8FqbVqzJ5G5sDYgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-20 05:50:51 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-20 05:35:07 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 04:48:28 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 00:48:23.091943 2026] [security2:error] [pid 27807:tid 27807] [client 2a06:a880:5:eff5::1:54526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/.env.production"] [unique_id "ajYbl2Vf7a6iUy4xDldt6AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-20 03:40:42 (3 days ago)	2a06:a880:5:eff5::1 - - [20/Jun/2026:06:40:36 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5 ... show more 2a06:a880:5:eff5::1 - - [20/Jun/2026:06:40:36 +0300] "GET /api/.env HTTP/1.1" 404 680 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" 2a06:a880:5:eff5::1 - - [20/Jun/2026:06:40:37 +0300] "GET /.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" ... show less	Web App Attack
🇦🇺 Anytech	2026-06-20 01:19:32 (3 days ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 01:11:06 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:11:00.042342 2026] [security2:error] [pid 17862:tid 17862] [client 2a06:a880:5:eff5::1:35186] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cephedanisman.com"] [uri "/.env"] [unique_id "ajXopJ06z1_tEp2yJeYv4QAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 22:36:29 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a06:a880:5:eff5::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:36:24.744748 2026] [security2:error] [pid 12179:tid 12179] [client 2a06:a880:5:eff5::1:48928] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.angelsofrhodeisland.com"] [uri "/.env"] [unique_id "ajXEaAl_b9L97zTh6qo9ZwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-19 22:34:05 (3 days ago)	(modsecurity) srv102 ModSecurity 2a06:a880:5:eff5::1 (NL/The Netherlands/-): 10 in the last 3600 sec ... show more (modsecurity) srv102 ModSecurity 2a06:a880:5:eff5::1 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 Viveronese	2026-06-19 22:25:56 (3 days ago)	HTTP vulnerability scanning	Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 176.65.240.242

🇹🇭 147.50.231.135

🇮🇩 125.166.1.111

🇨🇳 117.158.21.113

🇯🇵 103.125.146.16

🇩🇪 46.225.226.77

🇳🇱 45.156.87.127

🇪🇸 5.182.83.231

🇺🇸 173.255.210.89

🇺🇸 157.245.245.246

🇮🇳 115.111.75.4

🇭🇰 104.208.108.166

🇮🇩 103.186.31.66

🇮🇳 103.89.234.201

🇰🇪 102.213.92.30

🇳🇱 91.92.40.4

🇹🇷 88.237.80.48

🇫🇷 82.66.64.41

🇸🇬 47.84.105.181

🇩🇪 212.227.31.187