JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:a:2129:0:d40:4e69:1

2a02:4780:a:2129:0:d40:4e69:1 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 99%: ?

99%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hostinger International Limited
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	Manchester, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:a:2129:0:d40:4e69:1

Whois 2a02:4780:a:2129:0:d40:4e69:1

IP Abuse Reports for 2a02:4780:a:2129:0:d40:4e69:1:

This IP address has been reported a total of 53 times from 22 distinct sources. 2a02:4780:a:2129:0:d40:4e69:1 was first reported on June 6th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-09 05:14:21 (1 week ago)	12 attacks on env grabbing URLs: GET /laravel/.env HTTP/1.1	Hacking
🇳🇱 homeshowdomain.nl	2026-06-08 21:59:18 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇩🇪 tall1oN	2026-06-08 13:11:08 (1 week ago)	2a02:4780:a:2129:0:d40:4e69:1 - - [08/Jun/2026:15:11:08 +0200] "GET /core/.env.save HTTP/1.1" 206 40 ... show more 2a02:4780:a:2129:0:d40:4e69:1 - - [08/Jun/2026:15:11:08 +0200] "GET /core/.env.save HTTP/1.1" 206 4001 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "plutoz.de" 2a02:4780:a:2129:0:d40:4e69:1 - - [08/Jun/2026:15:11:08 +0200] "GET /.env HTTP/1.1" 206 4001 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "plutoz.de" ... show less	Web App Attack Port Scan Hacking
🇳🇱 e.fierstra	2026-06-08 12:04:23 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:32:14 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:32:09.514443 2026] [security2:error] [pid 10838:tid 10944] [client 2a02:4780:a:2129:0:d40:4e69:1:23928] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danielkerr.com"] [uri "/.env.save"] [unique_id "aiZ-CYEIzUo_sHBIfuRmEAAAAdY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 08:05:46 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:05:41.469783 2026] [security2:error] [pid 19012:tid 19012] [client 2a02:4780:a:2129:0:d40:4e69:1:61458] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jdmicons.com"] [uri "/.env.save"] [unique_id "aiZ31atHk3tRA1TF7uMUPgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-06-08 06:56:34 (1 week ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:05:06 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:04:59.473406 2026] [security2:error] [pid 12068:tid 12068] [client 2a02:4780:a:2129:0:d40:4e69:1:48660] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nagareinkpaper.es"] [uri "/laravel/.env"] [unique_id "aiZbi7AJZdGjA9Cq4pZS8wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-08 05:13:24 (1 week ago)	12 attacks on env grabbing URLs: GET /core/.env.save HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-06-08 04:50:47 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:50:40.957196 2026] [security2:error] [pid 1523:tid 1523] [client 2a02:4780:a:2129:0:d40:4e69:1:55052] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robhoward.me"] [uri "/backend/.env"] [unique_id "aiZKIDGpGAPdFPgKCNOkTAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:20:10 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:20:02.781004 2026] [security2:error] [pid 9421:tid 9421] [client 2a02:4780:a:2129:0:d40:4e69:1:62216] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arellasoc.com"] [uri "/core/.env"] [unique_id "aiYm0r3zr3jOHXyLHgDdxwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-08 01:54:21 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-08 01:39:46 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:39:41.476020 2026] [security2:error] [pid 5404:tid 5404] [client 2a02:4780:a:2129:0:d40:4e69:1:48946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fixmywellwater.com"] [uri "/backend/.env"] [unique_id "aiYdXXj3sqC8k3NCQNq7-gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 01:19:26 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in t ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:a:2129:0:d40:4e69:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:19:19.898528 2026] [security2:error] [pid 29859:tid 29859] [client 2a02:4780:a:2129:0:d40:4e69:1:26694] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "timezonespro.com"] [uri "/app/.env"] [unique_id "aiYYl2-Pc7j12tRD2KLF_AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-08 01:13:25 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 213.180.203.138

🇬🇧 193.104.58.21

🇷🇴 193.46.255.86

🇧🇷 164.163.105.145

🇻🇳 163.227.160.75

🇺🇸 136.117.188.177

🇯🇵 43.165.170.119

🇧🇪 198.235.24.152

🇧🇷 187.45.95.66

🇺🇸 162.243.0.195

🇨🇳 120.228.11.73

🇺🇸 103.234.62.70

🇮🇩 103.153.190.105

🇺🇸 52.160.224.116

🇧🇪 35.205.205.249

🇨🇳 222.214.141.12

🇮🇳 182.78.240.94

🇨🇳 111.23.146.60

🇭🇰 101.36.119.146

🇸🇬 34.158.63.207