JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:9:1136:0:1099:fa8d:1

2a02:4780:9:1136:0:1099:fa8d:1 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 52%: ?

52%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hostinger International Limited
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇱🇹 Lithuania
City	Vilnius, Vilnius

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:9:1136:0:1099:fa8d:1

Whois 2a02:4780:9:1136:0:1099:fa8d:1

IP Abuse Reports for 2a02:4780:9:1136:0:1099:fa8d:1:

This IP address has been reported a total of 41 times from 14 distinct sources. 2a02:4780:9:1136:0:1099:fa8d:1 was first reported on June 6th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-09 05:14:11 (2 weeks ago)	12 attacks on env grabbing URLs: GET /app/.env HTTP/1.1	Hacking
🇳🇱 sernate	2026-06-08 12:19:25 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 10 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC show less	Brute-Force
🇩🇪 4server	2026-06-08 11:47:16 (2 weeks ago)	[MonJun0813:47:13.3102472026][security2:error][pid1180841:tid1180923][client2a02:4780:9:1136:0:1099: ... show more [MonJun0813:47:13.3102472026][security2:error][pid1180841:tid1180923][client2a02:4780:9:1136:0:1099:fa8d:1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"bno.ch\"][uri\"/app/.env\"][unique_id\"aiarwerdTARFgXmv5F56oAAAAIs\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:32:41 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:32:35.375534 2026] [security2:error] [pid 29240:tid 29240] [client 2a02:4780:9:1136:0:1099:fa8d:1:51880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "areaware-archive.com"] [uri "/core/.env.save"] [unique_id "aiaaQ_8KH68LJuU4GOyxnQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 XICTRON	2026-06-08 09:40:07 (2 weeks ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-08 08:46:59 (2 weeks ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇺🇸 TPI-Abuse	2026-06-08 07:28:30 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:28:25.876370 2026] [security2:error] [pid 11549:tid 11549] [client 2a02:4780:9:1136:0:1099:fa8d:1:18818] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bcmech.com"] [uri "/.env.save"] [unique_id "aiZvGX61RM2q2ijNH_gMrQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WellSpring	2026-06-08 07:06:04 (2 weeks ago)	env leak on 570.today/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 05:58:03 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:57:56.657491 2026] [security2:error] [pid 31066:tid 31066] [client 2a02:4780:9:1136:0:1099:fa8d:1:57894] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alkahf.xyz"] [uri "/api/.env"] [unique_id "aiZZ5MLeWL3GmdYOlKCedgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-08 04:08:06 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:17:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:17:11.355143 2026] [security2:error] [pid 2603:tid 2603] [client 2a02:4780:9:1136:0:1099:fa8d:1:65352] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aarce.me"] [uri "/core/.env"] [unique_id "aiYmJ1rrf08fAqr2Q1jDZAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 01:52:14 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:52:07.548343 2026] [security2:error] [pid 22068:tid 22068] [client 2a02:4780:9:1136:0:1099:fa8d:1:42956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristywernerauthor.com"] [uri "/dev/.env"] [unique_id "aiYgRzvmMGGJLefz4TRC9gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-07 22:08:03 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-07 20:45:24 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:45:16.787997 2026] [security2:error] [pid 23228:tid 23228] [client 2a02:4780:9:1136:0:1099:fa8d:1:49452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "secureinitiatives.com"] [uri "/.env.save"] [unique_id "aiXYXHDH8bAdwHkNDhQ7ZQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 20:11:13 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:9:1136:0:1099:fa8d:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:11:08.041756 2026] [security2:error] [pid 1364:tid 1364] [client 2a02:4780:9:1136:0:1099:fa8d:1:19730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sizefinder.com"] [uri "/api/.env"] [unique_id "aiXQXG3C48P0UKc2R33PfAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.108.46.6

🇺🇸 165.227.81.10

🇯🇵 111.238.174.6

🇧🇬 93.152.221.118

🇳🇱 195.178.110.30

🇮🇩 157.15.116.114

🇰🇷 121.132.27.238

🇮🇳 103.54.101.248

🇳🇱 91.92.40.13

🇫🇷 51.68.247.207

🇸🇰 213.81.199.115

🇩🇪 178.142.69.16

🇵🇱 172.253.13.211

🇻🇳 118.69.226.76

🇺🇸 20.80.88.160

🇩🇪 152.53.191.128

🇺🇸 147.185.132.138

🇮🇷 31.7.66.163

🇮🇩 163.7.9.84

🇨🇳 119.116.69.246