JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a09:bac5:27bb:2482::3a3:7

2a09:bac5:27bb:2482::3a3:7 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 68%: ?

68%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Cloudflare London, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a09:bac5:27bb:2482::3a3:7

Whois 2a09:bac5:27bb:2482::3a3:7

IP Abuse Reports for 2a09:bac5:27bb:2482::3a3:7:

This IP address has been reported a total of 13 times from 11 distinct sources. 2a09:bac5:27bb:2482::3a3:7 was first reported on June 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-28 05:00:46 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-28 03:32:04 (1 day ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇮🇹 VHosting	2026-06-28 01:30:05 (1 day ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-27 22:04:00 (1 day ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-26. show less	Web App Attack SSH Hacking
🇫🇷 dynamix	2026-06-27 00:22:54 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 22:53:27 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 2a09:bac5:27bb:2482::3a3:7 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210730) triggered by 2a09:bac5:27bb:2482::3a3:7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:53:24.710767 2026] [security2:error] [pid 10976:tid 10976] [client 2a09:bac5:27bb:2482::3a3:7:25998] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cae2.larryyang.net\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cae2.larryyang.net"] [uri "/wp-config.php.bak"] [unique_id "aj8C5MFQnejCi3WgZyzLLAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 22:30:21 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a09:bac5:27bb:2482::3a3:7 (Unknown): 1 in the ... show more (mod_security) mod_security (id:210492) triggered by 2a09:bac5:27bb:2482::3a3:7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:30:16.294592 2026] [security2:error] [pid 24225:tid 24225] [client 2a09:bac5:27bb:2482::3a3:7:45388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrgutierrezshow.com"] [uri "/.env"] [unique_id "aj79eIaGAq5K9dgE7v9hpAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 mrcrassi	2026-06-26 20:46:40 (2 days ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD met ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (HEAD method) Endpoint: /wp-config.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 VHosting	2026-06-26 20:30:03 (2 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-26 17:36:03 (3 days ago)	113 requests with url.path *config.json	Brute-Force Bad Web Bot
🇺🇸 Vano Ganzzz	2026-06-26 16:02:57 (3 days ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK ASN: 13335 (Cloudflare, Inc. ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK ASN: 13335 (Cloudflare, Inc.) Protocol: HTTP/1.1 (HEAD method) Endpoint: /config.yml Timestamp: 2026-06-26T16:02:57Z Ray ID: a11d707698c9db0a UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ChatGPT-User/1.0; +https://openai.com/bot) show less	Bad Web Bot
🇩🇪 Starburst SysOp Team	2026-06-26 15:33:43 (3 days ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-nue6-2)	Hacking Web App Attack
🇩🇪 Jarda_H	2026-06-26 10:39:18 (3 days ago)	http-sensitive-files	Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 185.30.32.68

🇺🇸 162.216.149.182

🇮🇳 157.20.215.123

🇩🇪 147.90.209.4

🇬🇧 90.214.161.121

🇫🇷 80.215.150.117

🇧🇬 78.128.113.74

🇸🇬 47.84.205.178

🇺🇸 44.238.254.16

🇬🇧 35.203.211.148

🇩🇪 8.211.12.142

🇺🇸 3.129.187.38

🇵🇭 126.209.110.125

🇸🇬 118.26.111.107

🇸🇬 103.189.235.182

🇬🇧 95.154.252.126

🇩🇪 91.99.31.242

🇹🇭 61.19.69.203

🇳🇱 45.153.34.114

🇵🇱 45.38.156.167