JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:27:1069:0:1641:559c:1

2a02:4780:27:1069:0:1641:559c:1 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 61%: ?

61%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hostinger International Limited
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:27:1069:0:1641:559c:1

Whois 2a02:4780:27:1069:0:1641:559c:1

IP Abuse Reports for 2a02:4780:27:1069:0:1641:559c:1:

This IP address has been reported a total of 42 times from 17 distinct sources. 2a02:4780:27:1069:0:1641:559c:1 was first reported on June 7th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-08 21:59:14 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇳🇱 Mangelot Hosting	2026-06-08 12:06:41 (2 weeks ago)	(modsecurity) srv102 ModSecurity 2a02:4780:27:1069:0:1641:559c:1 (FR/France/-): 10 in the last 3600 ... show more (modsecurity) srv102 ModSecurity 2a02:4780:27:1069:0:1641:559c:1 (FR/France/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:52:50 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:52:43.587810 2026] [security2:error] [pid 24818:tid 24818] [client 2a02:4780:27:1069:0:1641:559c:1:21720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newmooncafe.com"] [uri "/admin/.env"] [unique_id "aiae-1oYGY4QjSVysXUHoAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:17:01 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:16:55.967310 2026] [security2:error] [pid 27982:tid 27982] [client 2a02:4780:27:1069:0:1641:559c:1:19286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springfieldtileexpert.com"] [uri "/core/.env"] [unique_id "aiZsZ1EWLf4hgWEOupZ1MQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:45:29 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:45:25.361089 2026] [security2:error] [pid 13548:tid 13562] [client 2a02:4780:27:1069:0:1641:559c:1:61916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mateo-abogados.com"] [uri "/api/.env"] [unique_id "aiZW9UMebAXUhqhMeQH2hgAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-08 05:13:30 (2 weeks ago)	12 attacks on env grabbing URLs: GET /laravel/.env HTTP/1.1	Hacking
🇫🇷 dynamix	2026-06-08 04:58:32 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 01:42:21 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:42:17.167366 2026] [security2:error] [pid 15473:tid 15473] [client 2a02:4780:27:1069:0:1641:559c:1:56318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gictd.com"] [uri "/api/.env.save"] [unique_id "aiYd-QrVkUafP46KaGPuoAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 22:36:32 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:36:26.695793 2026] [security2:error] [pid 14820:tid 14820] [client 2a02:4780:27:1069:0:1641:559c:1:39552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ags-ga.com"] [uri "/core/.env.save"] [unique_id "aiXyavPBaxMEFvmiLA1SZgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-07 21:20:34 (2 weeks ago)	Try to access /members/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 21:14:34 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:14:30.168519 2026] [security2:error] [pid 6838:tid 6838] [client 2a02:4780:27:1069:0:1641:559c:1:23922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flemingtonmartins.com"] [uri "/.env.save"] [unique_id "aiXfNsSEdIZKuk4lkG-50gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-07 21:10:20 (2 weeks ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 LRob.fr	2026-06-07 19:45:05 (2 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-07 18:08:22 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:08:19.163135 2026] [security2:error] [pid 25168:tid 25174] [client 2a02:4780:27:1069:0:1641:559c:1:62366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "piazza9.com"] [uri "/laravel/.env"] [unique_id "aiWzk0fserLAMLwCzPh33AAAAMQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 17:46:33 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1069:0:1641:559c:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:46:30.896882 2026] [security2:error] [pid 964:tid 1090] [client 2a02:4780:27:1069:0:1641:559c:1:37364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hivizhifun.com"] [uri "/dev/.env"] [unique_id "aiWudrU-uRyZDV-KCwG0UwAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 111.55.205.44

🇺🇸 100.58.248.204

🇺🇸 100.28.153.226

🇵🇰 210.87.64.31

🇳🇱 185.226.197.45

🇺🇸 143.42.1.189

🇺🇸 134.122.115.47

🇻🇳 103.163.214.149

🇺🇸 91.193.232.94

🇺🇸 44.179.237.60

🇷🇴 2.57.121.25

🇺🇸 2607:f8b0:4004:100d::127

🇺🇸 185.34.147.146

🇨🇳 183.6.115.88

🇩🇪 167.94.145.27

🇫🇷 91.196.152.105

🇺🇸 91.193.232.125

🇨🇦 85.217.149.33

🇷🇴 80.94.92.130

🇰🇷 58.224.62.29