JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:4780:b:1345:0:125f:f10f:1

2a02:4780:b:1345:0:125f:f10f:1 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 93%: ?

93%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hostinger International Limited
Usage Type	Content Delivery Network
ASN	AS47583
Domain Name	hostinger.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:4780:b:1345:0:125f:f10f:1

Whois 2a02:4780:b:1345:0:125f:f10f:1

IP Abuse Reports for 2a02:4780:b:1345:0:125f:f10f:1:

This IP address has been reported a total of 60 times from 17 distinct sources. 2a02:4780:b:1345:0:125f:f10f:1 was first reported on May 31st 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-04 15:33:22 (4 hours ago)	Multiple WAF Violations	Web App Attack
🇦🇺 Anytech	2026-06-04 14:10:01 (6 hours ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇳🇱 BlueWire Hosting	2026-06-04 13:05:12 (7 hours ago)	Probing websites for vulnerabilities	Web App Attack
🇪🇸 alferez	2026-06-04 13:02:01 (7 hours ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇷🇺 Albram	2026-06-04 11:39:22 (8 hours ago)	Tries find Web server vulnerability (IP: 2a02:4780:b:1345:0:125f:f10f:1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 10:10:44 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 06:10:40.536143 2026] [security2:error] [pid 23050:tid 23050] [client 2a02:4780:b:1345:0:125f:f10f:1:34838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citywidereo.com"] [uri "/app/.env"] [unique_id "aiFPIAtnETbnNES3DAW89AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-04 06:05:16 (14 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-04 05:13:36 (14 hours ago)	18 attacks on env grabbing URLs: GET /.env HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-06-04 03:41:10 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 23:41:00.624633 2026] [security2:error] [pid 16402:tid 16402] [client 2a02:4780:b:1345:0:125f:f10f:1:35652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modestosoftwater.com"] [uri "/.env"] [unique_id "aiDzzPG-j-uH4x0NcFn5MgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-04 01:50:05 (18 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-03 22:03:33 (22 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-02. show less	Web App Attack SSH Hacking
🇯🇵 bokumin.org	2026-06-03 21:00:04 (23 hours ago)	[id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/.env"] [id "949110"] [m ... show more [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/.env"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 19:13:29 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:13:20.991403 2026] [security2:error] [pid 19813:tid 19813] [client 2a02:4780:b:1345:0:125f:f10f:1:33452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gfs-essl.com"] [uri "/core/.env"] [unique_id "aiB80ONmccth94m-RTM_qwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 14:09:19 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a02:4780:b:1345:0:125f:f10f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 10:09:15.504698 2026] [security2:error] [pid 19347:tid 19347] [client 2a02:4780:b:1345:0:125f:f10f:1:45724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jangamble.com"] [uri "/new/.env"] [unique_id "ah7kC_QNRjQhb0DngU0zZgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-02 12:51:26 (2 days ago)	[TueJun0214:51:22.8170652026][security2:error][pid137248:tid137380][client2a02:4780:b:1345:0:125f:f1 ... show more [TueJun0214:51:22.8170652026][security2:error][pid137248:tid137380][client2a02:4780:b:1345:0:125f:f10f:1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"giuseppeasaro.com\"][uri\"/app/.env\"][unique_id\"ah7RyvryfKoHm-19T_rTNAAAARM\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 154.144.225.226

🇺🇸 209.142.67.76

🇺🇸 173.255.223.73

🇺🇸 172.253.86.30

🇺🇸 162.216.149.231

🇺🇸 157.230.178.81

🇩🇪 157.230.20.55

🇵🇭 120.28.212.214

🇷🇴 92.118.39.236

🇹🇷 88.243.195.196

🇺🇸 43.166.245.172

🇦🇪 20.203.42.204

🇺🇸 20.172.6.64

🇩🇪 213.209.159.56

🇹🇭 203.150.107.244

🇺🇸 157.230.156.190

🇩🇪 157.230.104.231

🇩🇪 141.11.107.166

🇵🇱 92.55.226.249

🇷🇴 82.152.132.24