JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:11:1925:0:3936:94ec:1

2a02:4780:11:1925:0:3936:94ec:1 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 60%: ?

60%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	HOSTINGER IN
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:11:1925:0:3936:94ec:1

Whois 2a02:4780:11:1925:0:3936:94ec:1

IP Abuse Reports for 2a02:4780:11:1925:0:3936:94ec:1:

This IP address has been reported a total of 38 times from 12 distinct sources. 2a02:4780:11:1925:0:3936:94ec:1 was first reported on June 6th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 04:20:40 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:20:33.446651 2026] [security2:error] [pid 27198:tid 27198] [client 2a02:4780:11:1925:0:3936:94ec:1:47284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "handmrenovationsllc.com"] [uri "/admin/.env"] [unique_id "aiZDEX7R5jE7AjeLSM1wiAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 01:52:31 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:52:25.263312 2026] [security2:error] [pid 26759:tid 26759] [client 2a02:4780:11:1925:0:3936:94ec:1:62184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maerynray.com"] [uri "/admin/.env"] [unique_id "aiYgWRezK3zjNBQl7XLYVQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-08 01:21:01 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 00:48:55 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:48:51.942634 2026] [security2:error] [pid 2545:tid 2545] [client 2a02:4780:11:1925:0:3936:94ec:1:55502] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "avantgarde-hk.org"] [uri "/admin/.env"] [unique_id "aiYRc_AzhQVpOmFVna8cLgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-08 00:12:43 (1 week ago)	[MonJun0802:12:41.1057582026][security2:error][pid364751:tid364818][client2a02:4780:11:1925:0:3936:9 ... show more [MonJun0802:12:41.1057582026][security2:error][pid364751:tid364818][client2a02:4780:11:1925:0:3936:94ec:1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"specialfood.ch\"][uri\"/app/.env\"][unique_id\"aiYI-QJDGAdo9cymuVAHSgAAAIA\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-07 22:07:53 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-07 20:31:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:31:19.697175 2026] [security2:error] [pid 26528:tid 26528] [client 2a02:4780:11:1925:0:3936:94ec:1:51334] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gods-law.com"] [uri "/dev/.env"] [unique_id "aiXVFzptSYX_6u7a9xcF_wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 20:05:57 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:05:53.149895 2026] [security2:error] [pid 8886:tid 8886] [client 2a02:4780:11:1925:0:3936:94ec:1:30580] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiinlog.com"] [uri "/backend/.env"] [unique_id "aiXPIbLQOVzBXYXkQK7imQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-07 17:25:58 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 Allolatr	2026-06-07 17:12:26 (1 week ago)	Jun 7 19:12:26 [redacted] j443: 2a02:4780:11:1925:0:3936:94ec:1 [redacted].com "GET /core/.env HTTP/ ... show more Jun 7 19:12:26 [redacted] j443: 2a02:4780:11:1925:0:3936:94ec:1 [redacted].com "GET /core/.env HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" Jun 7 19:12:26 [redacted] j443: 2a02:4780:11:1925:0:3936:94ec:1 [redacted].com "GET /dev/.env HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" Jun 7 19:12:26 [redacted] j443: 2a02:4780:11:1925:0:3936:94ec:1 [redacted].com "GET /member/.env HTTP/1.1" 400 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 16:54:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:54:52.182335 2026] [security2:error] [pid 23011:tid 23024] [client 2a02:4780:11:1925:0:3936:94ec:1:38360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "callaplusfirst.com"] [uri "/admin/.env"] [unique_id "aiWiXJhuWghijXuLV_V6lgAAAck"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 16:29:35 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:29:28.482206 2026] [security2:error] [pid 491:tid 491] [client 2a02:4780:11:1925:0:3936:94ec:1:35334] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwightbrown.com"] [uri "/core/.env"] [unique_id "aiWcaNjURoYk63g_otzXYAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 16:04:42 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:04:37.536116 2026] [security2:error] [pid 26867:tid 26867] [client 2a02:4780:11:1925:0:3936:94ec:1:33974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "articulaterecords.com"] [uri "/dev/.env"] [unique_id "aiWWlVND7AgCi713pOJNWQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 11:51:59 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 07:51:55.045782 2026] [security2:error] [pid 27731:tid 27731] [client 2a02:4780:11:1925:0:3936:94ec:1:57354] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garon.us"] [uri "/core/.env"] [unique_id "aiVbW8dELZ8JqVCm4vLk_wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 11:07:44 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1925:0:3936:94ec:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 07:07:36.081554 2026] [security2:error] [pid 6439:tid 6439] [client 2a02:4780:11:1925:0:3936:94ec:1:63986] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "97films.media"] [uri "/member/.env"] [unique_id "aiVQ-BzP-mis76kZw6V0AQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇴 23.148.24.117

🇹🇭 1.4.236.59

🇰🇷 222.239.251.12

🇰🇷 222.116.11.230

🇺🇸 212.15.80.72

🇧🇪 198.235.24.162

🇲🇿 197.219.208.38

🇮🇹 193.168.175.132

🇷🇺 178.176.250.149

🇧🇷 177.92.247.113

🇮🇩 163.7.1.156

🇨🇳 103.47.80.25

🇬🇧 78.149.150.27

🇺🇸 65.49.1.190

🇺🇸 64.62.156.125

🇺🇸 64.62.156.62

🇭🇰 43.132.189.34

🇨🇳 36.137.79.219

🇳🇱 34.6.222.245

🇨🇦 20.104.198.19