JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2605:a142:2292:1195::1

2605:a142:2292:1195::1 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 57%: ?

57%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS40021
Hostname(s)	vmi2921195.contaboserver.net
Domain Name	contabo.com
Country	🇺🇸 United States of America
City	Orangeburg, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2605:a142:2292:1195::1

Whois 2605:a142:2292:1195::1

IP Abuse Reports for 2605:a142:2292:1195::1:

This IP address has been reported a total of 28 times from 9 distinct sources. 2605:a142:2292:1195::1 was first reported on June 11th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 23:43:54 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:43:48.195534 2026] [security2:error] [pid 28427:tid 28427] [client 2605:a142:2292:1195::1:36728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.929.us"] [uri "/.env"] [unique_id "ajCONA1-iYMevR4QISqOiwAAAGQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 23:25:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:25:07.742379 2026] [security2:error] [pid 6665:tid 6665] [client 2605:a142:2292:1195::1:59198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vtmooses.us"] [uri "/.env"] [unique_id "ajCJ0wAcxv_ReEQnloTH9QAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 22:39:19 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:39:12.913155 2026] [security2:error] [pid 9693:tid 9693] [client 2605:a142:2292:1195::1:52722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dosrios.com.mx"] [uri "/.env"] [unique_id "ai8tkAQpYLH2bzXSWec1oQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-14 22:03:47 (3 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13. show less	Web App Attack SSH Hacking
🇧🇪 cmbplf	2026-06-14 20:46:15 (3 days ago)	253 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-14 19:28:53 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:28:48.319763 2026] [security2:error] [pid 1247:tid 1247] [client 2605:a142:2292:1195::1:41052] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hotelcasadelsol.casadelsolmexico.net"] [uri "/.env"] [unique_id "ai8A8Gg1vlOwU4j4Q1yw-wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-14 19:25:49 (3 days ago)	[SunJun1421:25:43.9551252026][security2:error][pid3629182:tid3629444][client2605:a142:2292:1195::1:0 ... show more [SunJun1421:25:43.9551252026][security2:error][pid3629182:tid3629444][client2605:a142:2292:1195::1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.hosting-e-domini.net\"][uri\"/.env\"][unique_id\"ai8AN14YyZwaN-QrY3P4QwAAARY\"] show less	Hacking Web App Attack
🇳🇱 BlueWire Hosting	2026-06-14 17:46:29 (3 days ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-06-14 17:44:51 (3 days ago)	apache-auth	Brute-Force Web App Attack
🇨🇭 YF	2026-06-14 15:05:13 (4 days ago)	Environment file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 01:58:08 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:58:02.452175 2026] [security2:error] [pid 31283:tid 31283] [client 2605:a142:2292:1195::1:47430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "noriega.us"] [uri "/.env"] [unique_id "ai4KquWvvhwA9V8hRQ7YEgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 01:34:10 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:34:03.545296 2026] [security2:error] [pid 22340:tid 22340] [client 2605:a142:2292:1195::1:58680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "netguard.us"] [uri "/.env"] [unique_id "ai4FC5--a9KwIBaL8W-k4QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 16:15:19 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:15:13.695262 2026] [security2:error] [pid 6293:tid 6293] [client 2605:a142:2292:1195::1:42878] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cederberg.es"] [uri "/.env"] [unique_id "ai2CESnFJh_YfJlUHiyrBgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 15:41:58 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2605:a142:2292:1195::1 (vmi2921195.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:41:51.570025 2026] [security2:error] [pid 26015:tid 26015] [client 2605:a142:2292:1195::1:51282] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "forwardfusion.co"] [uri "/.env"] [unique_id "ai16P-g1mDDhFWJ4RCokBAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-13 12:18:18 (5 days ago)	[SatJun1314:18:14.6177952026][security2:error][pid1082752:tid1083147][client2605:a142:2292:1195::1:0 ... show more [SatJun1314:18:14.6177952026][security2:error][pid1082752:tid1083147][client2605:a142:2292:1195::1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.annunci-ticino.ch\"][uri\"/.env\"][unique_id\"ai1KhjzNGwaua6vuxt6XAQAAAIk\"] show less	Hacking Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.193.223.46

🇺🇸 107.151.196.42

🇨🇳 222.217.95.212

🇺🇸 216.218.206.115

🇻🇳 103.61.44.43

🇺🇸 54.202.75.85

🇳🇱 45.148.10.183

🇺🇸 3.87.27.156

🇮🇳 117.235.205.7

🇭🇰 199.45.155.106

🇭🇰 163.53.18.118

🇺🇸 135.237.125.132

🇻🇳 103.82.21.8

🇮🇩 36.79.238.140

🇧🇷 20.197.232.12

🇮🇳 4.240.96.30

🇳🇱 213.5.71.177

🇭🇰 199.45.155.92

🇨🇳 111.229.215.112

🇺🇸 52.251.16.28