JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 145.79.28.102

145.79.28.102 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 100%: ?

100%

ISP	Hostinger International Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	hostinger.com
Country	🇲🇾 Malaysia
City	Kuala Lumpur, Kuala Lumpur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 145.79.28.102

Whois 145.79.28.102

IP Abuse Reports for 145.79.28.102:

This IP address has been reported a total of 25 times from 22 distinct sources. 145.79.28.102 was first reported on June 7th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-06-08 09:18:39 (2 hours ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-06-08 07:19:56 (4 hours ago)	2026/06/08 07:19:55 [error] 4391#4391: 10793 [client 145.79.28.102] ModSecurity: Access denied with ... show more 2026/06/08 07:19:55 [error] 4391#4391: 10793 [client 145.79.28.102] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.27.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "ingelmart.com"] [uri "/core/.env.save"] [unique_id "17809031953.623423"] [ref ""], client: 145.79.28.102, server: ingelmart.com, request: "GET /core/.env.save HTTP/1.1", host: "ingelmart.com" 2026/06/08 07:19:55 [error] 4395#4395: *10794 [client 145.79.28.102] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurit ... show less	Brute-Force
🇩🇪 EGP Abuse Dept	2026-06-08 05:50:22 (5 hours ago)	Scanning for web/db/file exploits on www.keuvelaaroptiek.nl	SQL Injection Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-08 04:32:50 (7 hours ago)	Login credentials theft attempt	Hacking
🇨🇭 Origon	2026-06-08 04:31:43 (7 hours ago)	http-sensitive-files - IP: 145.79.28.102 - time="2026-06-08T06:31:42+02:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 145.79.28.102 - time="2026-06-08T06:31:42+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 145.79.28.102 (MY/47583) : 4h ban on Ip 145.79.28.102" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:31:46 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 145.79.28.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 145.79.28.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:31:38.178949 2026] [security2:error] [pid 9715:tid 9715] [client 145.79.28.102:61270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holidaycalendarcards.com"] [uri "/api/.env"] [unique_id "aiYpiiCXa4nhpjyGaxWKCwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-08 01:58:20 (9 hours ago)	Try to access /dev/.env	Web App Attack
🇵🇱 lns.bz	2026-06-08 01:29:16 (10 hours ago)	Web app attack [PL.Lu]	Exploited Host Web App Attack
🇦🇺 2000cn.com.au	2026-06-08 01:23:31 (10 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
Anonymous	2026-06-07 21:58:03 (13 hours ago)	Bot / scanning and/or hacking attempts: GET /core/.env HTTP/1.1, GET /dev/.env HTTP/1.1, GET /core/. ... show more Bot / scanning and/or hacking attempts: GET /core/.env HTTP/1.1, GET /dev/.env HTTP/1.1, GET /core/.env.save HTTP/1.1, GET /api/.env HTTP/1.1, GET /laravel/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /members/.env HTTP/1.1, GET /backend/.env HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env HTTP/1.1, GET /.env.save HTTP/1.1, GET /api/.env.save HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 21:01:47 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 145.79.28.102 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 145.79.28.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:01:42.175987 2026] [security2:error] [pid 14255:tid 14255] [client 145.79.28.102:53908] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "valarien.com"] [uri "/api/.env.save"] [unique_id "aiXcNv40CtzBS1ihM14DvAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 pipeline.es	2026-06-07 20:14:35 (15 hours ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇬🇧 sc user	2026-06-07 20:07:43 (15 hours ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇪🇸 pipeline.es	2026-06-07 19:08:40 (16 hours ago)	Web scanning / probing for vulnerable paths \| URL: /api/.env \| Evidence: iristourvacances.com 145.79 ... show more Web scanning / probing for vulnerable paths \| URL: /api/.env \| Evidence: iristourvacances.com 145.79.28.102 - - [07/Jun/2026:21:07:19 +0200] \"GET /api/.env HTTP/1.1\" 404 3532 \"https://iristour.es/api/.env\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36\" GEOIP_COUNTRY_CODE=MY \| ASN: Hostinger International Limited \| Country: MY show less	Port Scan Web App Attack
Anonymous	2026-06-07 19:05:14 (16 hours ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=24	Hacking

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.247.218.112

🇺🇿 213.230.86.152

🇩🇪 192.109.200.101

🇵🇱 185.241.208.231

🇸🇬 124.243.146.194

🇮🇳 122.176.230.126

🇨🇳 118.186.7.10

🇺🇸 65.49.1.222

🇨🇳 61.133.211.70

🇳🇱 45.148.10.157

🇮🇳 202.160.164.63

🇺🇸 47.253.218.190

🇺🇸 34.83.149.193

🇬🇧 198.244.183.0

🇸🇬 156.245.144.121

🇹🇷 88.244.72.136

🇨🇿 83.208.70.70

🇧🇾 37.213.41.13

🇺🇸 35.252.66.114

🇷🇴 2.57.121.25