JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c204:2273:4472::1

2a02:c204:2273:4472::1 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 87%: ?

87%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2734472.contaboserver.net
Domain Name	contabo.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	Portsmouth, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c204:2273:4472::1

Whois 2a02:c204:2273:4472::1

IP Abuse Reports for 2a02:c204:2273:4472::1:

This IP address has been reported a total of 24 times from 15 distinct sources. 2a02:c204:2273:4472::1 was first reported on June 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-17 05:14:00 (1 day ago)	14 attacks on PHP URLs: POST /new/xmlrpc.php HTTP/1.1	Web App Attack
🇩🇪 london2038.com	2026-06-16 16:40:27 (1 day ago)	Attacking WordPress 2a02:c204:2273:4472::1 - - [16/Jun/2026:18:40:25 +0200] "POST /xmlrpc.php HTTP/1 ... show more Attacking WordPress 2a02:c204:2273:4472::1 - - [16/Jun/2026:18:40:25 +0200] "POST /xmlrpc.php HTTP/1.1" 503 18967 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇳🇱 Roderic	2026-06-16 13:23:28 (1 day ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
🇪🇸 el-brujo	2026-06-16 12:15:27 (2 days ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 Action: managed_challenge Source: firewallManaged ASN Description: Contabo GmbH Country: GB Method: POST Timestamp: 2026-06-16T12:15:27Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 10:50:53 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c204:2273:4472::1 (vmi2734472.contaboserve ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c204:2273:4472::1 (vmi2734472.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:50:48.359557 2026] [security2:error] [pid 22491:tid 22508] [client 2a02:c204:2273:4472::1:38062] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|inal.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "inal.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajEqiO25Ms-cAh8CKGvmiAAAAc8"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-06-16 10:49:16 (2 days ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 Action: managed_challenge Source: firewallManaged ASN Description: Contabo GmbH Country: GB Method: POST Timestamp: 2026-06-16T10:49:16Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-06-16 09:51:44 (2 days ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: Contabo GmbH Country: GB Method: POST Timestamp: 2026-06-16T09:51:44Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-06-16 07:31:24 (2 days ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 Action: managed_challenge Source: firewallManaged ASN Description: Contabo GmbH Country: GB Method: POST Timestamp: 2026-06-16T07:31:24Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 tall1oN	2026-06-16 07:17:18 (2 days ago)	2a02:c204:2273:4472::1 - - [16/Jun/2026:09:17:12 +0200] "GET /xmlrpc.php HTTP/2.0" 200 10822 "http:/ ... show more 2a02:c204:2273:4472::1 - - [16/Jun/2026:09:17:12 +0200] "GET /xmlrpc.php HTTP/2.0" 200 10822 "http://diamondliferp.de/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" "diamondliferp.cc" 2a02:c204:2273:4472::1 - - [16/Jun/2026:09:17:17 +0200] "GET /xmlrpc.php HTTP/2.0" 200 6760 "http://diamondliferp.de/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" "diamondliferp.cc" ... show less	Web App Attack Port Scan Hacking
Anonymous	2026-06-16 04:13:10 (2 days ago)	Attac	Brute-Force
Anonymous	2026-06-15 10:52:35 (3 days ago)	"POST /xmlrpc.php HTTP/1.1"	Hacking Web App Attack
🇪🇸 el-brujo	2026-06-15 04:38:51 (3 days ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: Contabo GmbH Country: GB Method: POST Timestamp: 2026-06-15T04:38:51Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 PBC	2026-06-15 04:18:02 (3 days ago)	Automated exploit scan blocked by fail2ban	Brute-Force SSH
🇺🇸 ph	2026-06-15 04:03:51 (3 days ago)	Bad web bot attempting to run wp-json on non-WP site	Hacking Bad Web Bot Web App Attack
🇺🇸 masterguru	2026-06-15 03:36:49 (3 days ago)	(XMLRPC) WP XMLPRC Attack 2a02:c204:2273:4472::1 (vmi2734472.contaboserver.net): 10 in the last 3600 ... show more (XMLRPC) WP XMLPRC Attack 2a02:c204:2273:4472::1 (vmi2734472.contaboserver.net): 10 in the last 3600 secs (0-173) show less	Hacking

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.92.165

🇩🇿 197.204.173.173

🇷🇴 193.46.255.86

🇺🇸 172.234.217.129

🇺🇸 159.89.133.65

🇺🇸 107.167.34.125

🇿🇦 102.36.152.164

🇱🇹 81.30.98.158

🇺🇸 47.89.242.216

🇺🇸 43.159.149.56

🇺🇸 23.92.78.16

🇺🇸 20.127.170.172

🇺🇸 192.129.183.139

🇮🇷 164.215.156.139

🇺🇸 162.216.150.193

🇷🇴 80.94.92.186

🇫🇷 51.254.133.102

🇪🇨 45.184.226.43

🇮🇳 13.235.50.76

🇭🇰 8.218.43.248