JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a07:e042:1:182::1

2a07:e042:1:182::1 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 16%: ?

16%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hollander & Jacobsen UG (haftungsbeschraenkt)
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206075
Hostname(s)	tanja.tor-exit.mxmla.de
Domain Name	hollander-jacobsen.de
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a07:e042:1:182::1

Whois 2a07:e042:1:182::1

IP Abuse Reports for 2a07:e042:1:182::1:

This IP address has been reported a total of 88 times from 15 distinct sources. 2a07:e042:1:182::1 was first reported on November 10th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 11:05:43 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:05:37.500984 2026] [security2:error] [pid 6819:tid 6819] [client 2a07:e042:1:182::1:42462] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.technesa.com"] [uri "/.git/config"] [unique_id "aiKtgSPaLQjKW7ok0uXV9gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:12 (1 month ago)	2026-04-26 08:00:50,279 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e042:1:182::1 2026-04 ... show more 2026-04-26 08:00:50,279 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e042:1:182::1 2026-04-26 12:01:39,681 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e042:1:182::1 2026-04-26 18:01:37,304 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e042:1:182::1 2026-04-26 21:01:36,549 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e042:1:182::1 2026-04-27 00:04:10,740 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e042:1:182::1 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 01:51:44 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 21:51:36.209206 2026] [security2:error] [pid 12538:tid 12538] [client 2a07:e042:1:182::1:42482] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|arsndetx.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "arsndetx.com"] [uri "/detx_com.sql"] [unique_id "ae1vqIJs0SYJ-NlAx7m0vwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-04-24 15:44:45 (1 month ago)	Triggered Cloudflare WAF (firewallManaged) from T1. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from T1. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /wp-config.php~~~~ UA: Mozilla/5.0 (Linux; Android 4.1.2; SGH-I727R Build/JZO54K) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.169 Mobile Safari/537.22 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-08 05:51:48 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 01:51:40.308182 2026] [security2:error] [pid 1942162:tid 1942162] [client 2a07:e042:1:182::1:43018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "healingworksmassage.studio"] [uri "/wp-config.phpd"] [unique_id "adXs7MRQelQiTPKbT4sByQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 20:43:55 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-10 04:52:44 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:52:33.953585 2026] [security2:error] [pid 9450:tid 9450] [client 2a07:e042:1:182::1:54858] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lkabookkeeping.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lkabookkeeping.com"] [uri "/g_db.sql"] [unique_id "aa-jkf_20rn2PY4cegWrhwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-02 20:33:00 (3 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-25 11:56:50 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 06:56:40.518207 2026] [security2:error] [pid 7947:tid 7947] [client 2a07:e042:1:182::1:35108] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thesalonx.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thesalonx.com"] [uri "/data.sql"] [unique_id "aZ7jeBMRLlzC3DkkqzMKTQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-03 22:59:03 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-02. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-02 11:48:29 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 02 06:48:19.951920 2026] [security2:error] [pid 14550:tid 14550] [client 2a07:e042:1:182::1:33404] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|roughexports.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "roughexports.com"] [uri "/roughexport.sql"] [unique_id "aYCPA9IyqBsOhT6JYMMVoQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 22:28:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 17:28:25.706837 2026] [security2:error] [pid 11259:tid 11259] [client 2a07:e042:1:182::1:33906] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.specialtycomputer.com"] [uri "/.git/config"] [unique_id "aXaZCSs4j8tIW9LWR-R0LwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 16:03:15 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 11:03:07.697430 2026] [security2:error] [pid 29676:tid 29676] [client 2a07:e042:1:182::1:54494] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kporterdesign.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kporterdesign.com"] [uri "/design.sql"] [unique_id "aWe-OxOzrc18tQDe33fYcQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 17:43:08 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 12:42:58.539225 2026] [security2:error] [pid 26667:tid 26667] [client 2a07:e042:1:182::1:34428] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|theseventhcongregationofladderdayvixens.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "theseventhcongregationofladderdayvixens.org"] [uri "/ofladderdayvixens_com.sql"] [unique_id "aV6bIgTJtfhJkABAVB9CyAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-04 20:20:20 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e042:1:182::1 (tanja.tor-exit.mxmla.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 04 15:20:13.932036 2026] [security2:error] [pid 31933:tid 31933] [client 2a07:e042:1:182::1:52792] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|tesacate.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tesacate.com"] [uri "/backupdb.sql"] [unique_id "aVrLfd4Ztffm_tzeptyp5wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 153.67.123.133

🇨🇳 119.255.245.44

🇳🇱 34.91.0.68

🇷🇴 2.57.121.25

🇧🇿 190.197.105.47

🇷🇺 176.109.97.11

🇸🇬 103.187.146.107

🇹🇼 198.235.24.17

🇳🇱 185.223.235.50

🇱🇹 141.98.11.117

🇺🇸 129.212.184.120

🇭🇰 40.83.92.30

🇺🇸 20.64.105.146

🇬🇧 2.58.172.222

🇨🇳 180.138.194.82

🇳🇱 172.94.9.136

🇭🇰 103.103.245.61

🇭🇰 101.36.109.176

🇧🇾 86.57.173.115

🇺🇸 66.132.195.68