JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:11:2096:0:10aa:b9d1:1

2a02:4780:11:2096:0:10aa:b9d1:1 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 63%: ?

63%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	HOSTINGER IN
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:11:2096:0:10aa:b9d1:1

Whois 2a02:4780:11:2096:0:10aa:b9d1:1

IP Abuse Reports for 2a02:4780:11:2096:0:10aa:b9d1:1:

This IP address has been reported a total of 41 times from 10 distinct sources. 2a02:4780:11:2096:0:10aa:b9d1:1 was first reported on May 31st 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BlueWire Hosting	2026-06-02 02:14:27 (2 days ago)	Probing websites for vulnerabilities	Web App Attack
🇫🇷 Baking333	2026-06-02 01:32:06 (2 days ago)	[redacted] 2a02:4780:11:2096:0:10aa:b9d1:1 - - [02/Jun/2026:02:32:04 +0100] "GET /new/.env HTTP/1.1" ... show more [redacted] 2a02:4780:11:2096:0:10aa:b9d1:1 - - [02/Jun/2026:02:32:04 +0100] "GET /new/.env HTTP/1.1" 302 5303 0/141257 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:11:2096:0:10aa:b9d1:1 - - [02/Jun/2026:02:32:04 +0100] "GET /member/.env HTTP/1.1" 302 5303 0/178351 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:11:2096:0:10aa:b9d1:1 - - [02/Jun/2026:02:32:04 +0100] "GET /app/.env HTTP/1.1" 302 5303 0/160347 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 01:14:58 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 21:14:51.344574 2026] [security2:error] [pid 15216:tid 15216] [client 2a02:4780:11:2096:0:10aa:b9d1:1:35576] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wiainvestigation.com"] [uri "/.env"] [unique_id "ah4ui-2Kpu0GPTlhpj39cQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 23:57:06 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 19:57:01.937656 2026] [security2:error] [pid 17573:tid 17573] [client 2a02:4780:11:2096:0:10aa:b9d1:1:29262] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "twogocamping.com"] [uri "/app/.env"] [unique_id "ah4cTUKmk0pJGegZt_5BxgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 21:27:05 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 17:26:57.751855 2026] [security2:error] [pid 10414:tid 10414] [client 2a02:4780:11:2096:0:10aa:b9d1:1:23876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tgcindustrial.com"] [uri "/dev/.env"] [unique_id "ah35IQSe3wiZOQ48-I86igAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 21:10:39 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:949110) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 17:10:36.409490 2026] [security2:error] [pid 7334:tid 7334] [client 2a02:4780:11:2096:0:10aa:b9d1:1:53018] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "motunaonaobookings.com"] [uri "/app/.env"] [unique_id "ah31TCy27Y2qdE0CIK_vyQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:42:39 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:42:32.098174 2026] [security2:error] [pid 22291:tid 22291] [client 2a02:4780:11:2096:0:10aa:b9d1:1:47356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ceta-arts.com"] [uri "/new/.env"] [unique_id "ah3uuP2ABa4SeK1UDTrjRQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:06:00 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:05:56.524021 2026] [security2:error] [pid 11216:tid 11216] [client 2a02:4780:11:2096:0:10aa:b9d1:1:46644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "innolympics.com"] [uri "/member/.env"] [unique_id "ah3mJDetcomWDxQHe5Gw9AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 19:15:43 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:15:39.565686 2026] [security2:error] [pid 21240:tid 21240] [client 2a02:4780:11:2096:0:10aa:b9d1:1:26750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ezsmiledental.com"] [uri "/core/.env"] [unique_id "ah3aW-QyKae_OCfAJNoDSQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 18:53:51 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 14:53:46.050717 2026] [security2:error] [pid 30513:tid 30513] [client 2a02:4780:11:2096:0:10aa:b9d1:1:45430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zittema.com"] [uri "/new/.env"] [unique_id "ah3VOpSX6rTcwIrna1NzuAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 18:19:22 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 14:19:16.755180 2026] [security2:error] [pid 8411:tid 8411] [client 2a02:4780:11:2096:0:10aa:b9d1:1:18802] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sawmat.com"] [uri "/.env"] [unique_id "ah3NJPR7rbSvUcGWfWKz4AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 15:59:34 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 11:59:27.671104 2026] [security2:error] [pid 25235:tid 25235] [client 2a02:4780:11:2096:0:10aa:b9d1:1:44102] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilanknapp.com"] [uri "/api/.env"] [unique_id "ah2sX6mWxC3lP44trUggxAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-06-01 15:36:41 (2 days ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-06-01 14:47:23 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 10:47:17.074422 2026] [security2:error] [pid 17225:tid 17225] [client 2a02:4780:11:2096:0:10aa:b9d1:1:62714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smartstylehair.com"] [uri "/api/.env"] [unique_id "ah2bdbkgNubsXwb6WEvwpQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 baku.hosting	2026-06-01 12:16:59 (2 days ago)	CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 2a02:4780:11:2096:0:10aa:b9d1: ... show more CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 2a02:4780:11:2096:0:10aa:b9d1:1 (Unknown): 5 in the last 3600 secs show less	Brute-Force Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇴🇲 145.224.121.48

🇺🇸 135.237.122.184

🇺🇸 66.132.195.123

🇨🇦 20.220.34.26

🇺🇸 13.89.124.214

🇧🇪 198.235.24.182

🇲🇽 186.96.145.241

🇩🇪 164.90.228.101

🇺🇸 157.245.123.148

🇰🇷 112.216.129.27

🇷🇴 2.57.122.177

🇨🇷 200.229.8.181

🇳🇱 185.93.89.167

🇫🇷 176.125.224.179

🇸🇬 159.223.53.52

🇭🇰 150.5.169.138

🇫🇮 147.185.133.160

🇺🇸 91.230.168.31

🇺🇸 91.230.168.2

🇳🇱 45.148.10.157