JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:3f:1799:0:ad9:29bb:1

2a02:4780:3f:1799:0:ad9:29bb:1 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hostinger International Limited
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:3f:1799:0:ad9:29bb:1

Whois 2a02:4780:3f:1799:0:ad9:29bb:1

IP Abuse Reports for 2a02:4780:3f:1799:0:ad9:29bb:1:

This IP address has been reported a total of 52 times from 21 distinct sources. 2a02:4780:3f:1799:0:ad9:29bb:1 was first reported on June 2nd 2026, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-03 21:59:05 (34 minutes ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-02. show less	Web App Attack SSH Hacking
🇩🇪 IloGus	2026-06-03 18:45:15 (3 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 XICTRON	2026-06-03 18:00:07 (4 hours ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇹🇼 ip4.tw	2026-06-03 16:10:02 (6 hours ago)	Malicious web scan	Hacking Web App Attack
🇫🇷 Baking333	2026-06-03 14:48:58 (7 hours ago)	[redacted] 2a02:4780:3f:1799:0:ad9:29bb:1 - - [03/Jun/2026:15:48:56 +0100] "GET /laravel/.env HTTP/2 ... show more [redacted] 2a02:4780:3f:1799:0:ad9:29bb:1 - - [03/Jun/2026:15:48:56 +0100] "GET /laravel/.env HTTP/2.0" 301 298 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:3f:1799:0:ad9:29bb:1 - - [03/Jun/2026:15:48:56 +0100] "GET /backend/.env HTTP/2.0" 301 297 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 14:20:49 (8 hours ago)	(mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 10:20:44.159845 2026] [security2:error] [pid 12859:tid 12859] [client 2a02:4780:3f:1799:0:ad9:29bb:1:59744] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "theciber.com"] [uri "/laravel/.env"] [unique_id "aiA4PJM2fMIAhAQrEZfFSgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-03 13:38:27 (8 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 13:23:46 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 09:23:40.360935 2026] [security2:error] [pid 12285:tid 12285] [client 2a02:4780:3f:1799:0:ad9:29bb:1:50832] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texaslawman.net"] [uri "/.env"] [unique_id "aiAq3Ces_Hj-mkaloheqDwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:24:40 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:24:35.646630 2026] [security2:error] [pid 15547:tid 15571] [client 2a02:4780:3f:1799:0:ad9:29bb:1:54700] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yubasutterphotographer.com"] [uri "/.env"] [unique_id "aiAA4wbkKi-_mpGskkD0yQAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Mundo Bueno	2026-06-03 05:51:28 (16 hours ago)	[ISILIA Protection v2.1] Tentative d'accès: /laravel/.env \| Pays: DE \| UA: Mozilla/5.0 (Macintosh; I ... show more [ISILIA Protection v2.1] Tentative d'accès: /laravel/.env \| Pays: DE \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4 show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-03 05:46:47 (16 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 05:44:06 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:1799:0:ad9:29bb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:44:00.405786 2026] [security2:error] [pid 8315:tid 8315] [client 2a02:4780:3f:1799:0:ad9:29bb:1:22466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thoughtage.com"] [uri "/api/.env"] [unique_id "ah-_IMcRgYpHNYebvpJGKgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-03 05:14:28 (17 hours ago)	7 attacks on env grabbing URLs: GET /core/.env HTTP/1.1	Hacking
🇫🇷 YF	2026-06-03 01:25:19 (21 hours ago)	Environment file probe	Web App Attack
🇩🇪 SCHAPPY	2026-06-03 01:11:58 (21 hours ago)	Mutliple attempts to access forbidden web resources, HTTP code 403.	Web App Attack

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.108.147.76

🇮🇶 81.22.35.238

🇩🇪 69.5.169.3

🇺🇸 66.132.172.34

🇩🇪 47.245.135.78

🇬🇧 37.10.113.218

🇨🇳 221.234.36.123

🇺🇸 205.210.31.103

🇭🇰 199.45.154.119

🇺🇸 195.184.76.125

🇧🇷 177.198.104.230

🇳🇱 109.106.244.93

🇺🇸 91.230.168.215

🇺🇸 91.230.168.89

🇮🇹 91.80.152.183

🇱🇹 45.227.254.170

🇺🇸 32.218.110.75

🇰🇷 211.106.137.135

🇺🇸 205.210.31.85

🇹🇼 198.235.24.78