2a02:4780:9:1728:0:30eb:aeed:1 was found in our database!
This IP was reported 50 times. Confidence of
Abuse
is 58%: ?
58%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
IP Abuse Reports for 2a02:4780:9:1728:0:30eb:aeed:1:
This IP address has been reported a total of
50
times from
20 distinct
sources.
2a02:4780:9:1728:0:30eb:aeed:1 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
[MonJun0814:48:25.4315672026][security2:error][pid1241132:tid1241243][client2a02:4780:9:1728:0:30eb: ...
show more[MonJun0814:48:25.4315672026][security2:error][pid1241132:tid1241243][client2a02:4780:9:1728:0:30eb:aeed:1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"parrocchiaditesserete.ch\"][uri\"/api/.env\"][unique_id\"aia6GVqVFw72ES_lnOL2XQAAAQc\"]
show less
[MonJun0808:43:42.0165662026][security2:error][pid2975638:tid2975841][client2a02:4780:9:1728:0:30eb: ...
show more[MonJun0808:43:42.0165662026][security2:error][pid2975638:tid2975841][client2a02:4780:9:1728:0:30eb:aeed:1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"support-ticino.ch\"][uri\"/dev/.env\"][unique_id\"aiZknvHsrfUyjFY_uDT1dwAAAQM\"]
show less
byebyte.space auth: GET /dev/.env at 2026-06-07T23:06:02Z. Path on the WordPress / phpMyAdmin / .git ...
show morebyebyte.space auth: GET /dev/.env at 2026-06-07T23:06:02Z. Path on the WordPress / phpMyAdmin / .git / .env / shell probe list. Returned 404. UA: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'. Accept-Encoding: 'gzip, br'. Country (CF): LT. TLS info: {"scheme":"https"}.
show less