JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:3f:2073:0:149f:9f01:1

2a02:4780:3f:2073:0:149f:9f01:1 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hostinger International Limited
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:3f:2073:0:149f:9f01:1

Whois 2a02:4780:3f:2073:0:149f:9f01:1

IP Abuse Reports for 2a02:4780:3f:2073:0:149f:9f01:1:

This IP address has been reported a total of 71 times from 25 distinct sources. 2a02:4780:3f:2073:0:149f:9f01:1 was first reported on May 31st 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-06-04 18:21:18 (2 hours ago)	Try to access /backend/.env	Web App Attack
🇨🇭 4server	2026-06-04 16:54:07 (3 hours ago)	[ThuJun0418:54:00.4928432026][security2:error][pid868085:tid868376][client2a02:4780:3f:2073:0:149f:9 ... show more [ThuJun0418:54:00.4928432026][security2:error][pid868085:tid868376][client2a02:4780:3f:2073:0:149f:9f01:1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"hosting-dominio.com\"][uri\"/.env\"][unique_id\"aiGtqE568WHFD_avkRClOwAAAIw\"] show less	Hacking Web App Attack
🇩🇪 macrob	2026-06-04 15:15:38 (5 hours ago)	2026/06/04 15:15:36 [error] 944311#944311: 280905173 access forbidden by rule, client: 2a02:4780:3f ... show more 2026/06/04 15:15:36 [error] 944311#944311: 280905173 access forbidden by rule, client: 2a02:4780:3f:2073:0:149f:9f01:1, server: bin-spin.com, request: "GET /admin/.env HTTP/1.1", host: "bin-spin.com" 2026/06/04 15:15:36 [error] 944311#944311: 280905175 access forbidden by rule, client: 2a02:4780:3f:2073:0:149f:9f01:1, server: bin-spin.com, request: "GET /.env HTTP/1.1", host: "bin-spin.com" 2026/06/04 15:15:36 [error] 944313#944313: 280905176 access forbidden by rule, client: 2a02:4780:3f:2073:0:149f:9f01:1, server: bin-spin.com, request: "GET /backend/.env HTTP/1.1", host: "bin-spin.com" ... show less	Web App Attack
🇩🇪 Ba-Yu	2026-06-04 15:08:14 (5 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇳🇱 e.fierstra	2026-06-04 05:24:46 (15 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-06-04 03:10:54 (17 hours ago)	[redacted] 2a02:4780:3f:2073:0:149f:9f01:1 - - [04/Jun/2026:04:10:52 +0100] "GET /.env HTTP/1.1" 302 ... show more [redacted] 2a02:4780:3f:2073:0:149f:9f01:1 - - [04/Jun/2026:04:10:52 +0100] "GET /.env HTTP/1.1" 302 5263 0/212123 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:3f:2073:0:149f:9f01:1 - - [04/Jun/2026:04:10:52 +0100] "GET /api/.env HTTP/1.1" 302 5295 0/142330 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" show less	Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-04 03:00:37 (17 hours ago)	Multiple WAF Violations	Web App Attack
🇹🇷 baku.hosting	2026-06-03 21:57:58 (22 hours ago)	CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:2073:0:149f:9f01: ... show more CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:2073:0:149f:9f01:1 (Unknown): 5 in the last 3600 secs show less	Brute-Force Web App Attack
🇩🇪 BlueWire Hosting	2026-06-03 17:10:35 (1 day ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇺🇸 interbiznw.com	2026-06-03 09:27:06 (1 day ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 XICTRON	2026-06-03 09:15:03 (1 day ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇩🇪 roxyapi	2026-06-03 07:19:58 (1 day ago)	Honeypot: automated vulnerability scan / web app attack. Last probe: GET /.env	Web App Attack Bad Web Bot
🇺🇸 WizardsToolkit	2026-06-03 04:47:32 (1 day ago)	attempted to access /app/.env	Web App Attack
🇮🇩 Burayot	2026-06-03 04:16:21 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:2073:0:149f:9f01:1 (Unk ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:2073:0:149f:9f01:1 (Unknown): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2026-06-03 00:05:08 (1 day ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.196

🇧🇷 177.72.87.7

🇺🇸 165.154.182.223

🇺🇸 162.216.150.107

🇺🇸 66.132.172.123

🇫🇮 46.62.225.115

🇹🇿 41.59.230.218

🇨🇦 2607:5300:205:200::628d

🇨🇷 201.203.101.30

🇩🇪 195.248.243.247

🇺🇸 184.73.35.182

🇧🇷 177.61.176.110

🇫🇷 176.172.239.193

🇳🇱 176.65.148.242

🇺🇸 162.216.149.36

🇸🇪 138.124.71.25

🇧🇾 128.140.250.209

🇹🇭 118.175.93.34

🇮🇹 83.224.174.165

🇸🇬 45.78.206.111