JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a09:bac1:7680:56b0::f:398

2a09:bac1:7680:56b0::f:398 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 2%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Cloudflare London, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Flower Mound, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a09:bac1:7680:56b0::f:398

Whois 2a09:bac1:7680:56b0::f:398

IP Abuse Reports for 2a09:bac1:7680:56b0::f:398:

This IP address has been reported a total of 8 times from 1 distinct source. 2a09:bac1:7680:56b0::f:398 was first reported on May 19th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 06:25:15 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:25:06.936867 2026] [security2:error] [pid 18475:tid 18475] [client 2a09:bac1:7680:56b0::f:398:25162] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|d-sinema.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "d-sinema.com"] [uri "/"] [unique_id "aiJrwv1HQRkd3xRMe4fjzAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 02:01:17 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:01:11.827720 2026] [security2:error] [pid 15197:tid 15234] [client 2a09:bac1:7680:56b0::f:398:58684] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|greaternorthmiami.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "greaternorthmiami.org"] [uri "/"] [unique_id "ah-K51iV5W5hYJxKZb_DgQAAAME"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:48:38 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:48:35.132838 2026] [security2:error] [pid 6653:tid 6743] [client 2a09:bac1:7680:56b0::f:398:11450] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.stone-doyle.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.stone-doyle.com"] [uri "/403.shtml"] [unique_id "ah8zk_-8bIux7aY8NFQryQAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 02:22:16 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 22:22:09.413090 2026] [security2:error] [pid 13811:tid 13811] [client 2a09:bac1:7680:56b0::f:398:57126] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|xyncom.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "xyncom.com"] [uri "/"] [unique_id "ahubUc2d5FQpPkX9dPelywAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 07:08:27 (4 weeks ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 03:08:23.498087 2026] [security2:error] [pid 1280:tid 1280] [client 2a09:bac1:7680:56b0::f:398:14114] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.joeordie.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.joeordie.com"] [uri "/"] [unique_id "ahfp5xGLx8yQNfsPgsFa4QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 08:51:29 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 04:51:26.344010 2026] [security2:error] [pid 17236:tid 17236] [client 2a09:bac1:7680:56b0::f:398:16980] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|veenstras.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "veenstras.com"] [uri "/"] [unique_id "ahawjqGSHuyL9xEqwtH7BAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 12:17:00 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 08:16:53.459532 2026] [security2:error] [pid 19958:tid 20013] [client 2a09:bac1:7680:56b0::f:398:20842] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jofdt.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jofdt.com"] [uri "/"] [unique_id "ahQ9tfQ3EVE_DRpDK-dchwAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 07:54:15 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210350) triggered by 2a09:bac1:7680:56b0::f:398 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 03:54:07.713880 2026] [security2:error] [pid 30784:tid 30784] [client 2a09:bac1:7680:56b0::f:398:41840] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|eandgenergy.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "eandgenergy.com"] [uri "/"] [unique_id "agwXH2EPoPXGLFA546wEFQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.206.24.238

🇧🇪 198.235.24.231

🇬🇧 193.163.125.94

🇲🇽 187.216.224.85

🇨🇦 167.99.182.39

🇻🇳 125.212.235.194

🇳🇱 45.148.10.141

🇮🇩 34.34.223.108

🇺🇸 20.121.46.95

🇻🇳 14.177.59.5

🇷🇴 2.57.122.150

🇨🇳 222.242.237.162

🇰🇷 221.147.160.73

🇨🇳 218.23.223.168

🇺🇸 216.180.246.46

🇰🇷 210.206.24.237

🇳🇱 195.178.110.232

🇮🇶 185.24.61.79

🇷🇺 178.178.222.61

🇷🇺 176.119.241.130