JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c206:2242:2750::1

2a02:c206:2242:2750::1 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 74%: ?

74%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2422750.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c206:2242:2750::1

Whois 2a02:c206:2242:2750::1

IP Abuse Reports for 2a02:c206:2242:2750::1:

This IP address has been reported a total of 56 times from 19 distinct sources. 2a02:c206:2242:2750::1 was first reported on June 6th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Viveronese	2026-06-09 13:13:49 (2 weeks ago)	HTTP vulnerability scanning	Web App Attack
🇳🇱 e.fierstra	2026-06-09 13:00:33 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-09 12:21:17 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Melle	2026-06-09 11:37:52 (2 weeks ago)	Blocked by CrowdSec \| Scenario: crowdsecurity/http-sensitive-files \| 2a02:c206:2242:2750::1 triggere ... show more Blocked by CrowdSec \| Scenario: crowdsecurity/http-sensitive-files \| 2a02:c206:2242:2750::1 triggered 5 events \| Detected: 2026-06-09T11:37:50.852294331Z show less	Web App Attack Hacking
🇩🇪 BlueWire Hosting	2026-06-09 10:31:42 (2 weeks ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇺🇸 TPI-Abuse	2026-06-09 10:07:22 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c206:2242:2750::1 (vmi2422750.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c206:2242:2750::1 (vmi2422750.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:07:14.734520 2026] [security2:error] [pid 20302:tid 20302] [client 2a02:c206:2242:2750::1:44588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bullsalerts.com"] [uri "/admin/.env"] [unique_id "aifl0jbrjBvF329MGGDs7wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-09 08:54:23 (2 weeks ago)	1.123 requests with url.path *.env	Brute-Force Bad Web Bot
🇳🇱 Savvii	2026-06-09 07:57:37 (2 weeks ago)	20 attempts against mh-misbehave-ban on solar	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-08 17:49:29 (2 weeks ago)	[MonJun0819:49:25.7008952026][security2:error][pid1609967:tid1610016][client2a02:c206:2242:2750::1:0 ... show more [MonJun0819:49:25.7008952026][security2:error][pid1609967:tid1610016][client2a02:c206:2242:2750::1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"aaaa6877.org\"][uri\"/member/.env\"][unique_id\"aicApeeill-8yb-Rgq3y4wAAAEM\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-06-08 15:58:54 (2 weeks ago)	Try to access /stellingia/app/.env	Web App Attack
🇺🇸 WellSpring	2026-06-08 14:53:40 (2 weeks ago)	env leak on 503.today/laravel/.env — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:22:16 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c206:2242:2750::1 (vmi2422750.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c206:2242:2750::1 (vmi2422750.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:22:09.096414 2026] [security2:error] [pid 13283:tid 13283] [client 2a02:c206:2242:2750::1:45280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "farsipraiseclub.com"] [uri "/member/.env"] [unique_id "aibQEWkA5BcIqP2MNTBbRQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-08 12:39:54 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 gadix	2026-06-08 12:19:49 (2 weeks ago)	[08/Jun/2026:14:19:47.976867 +0200] aiazY2t5xnxGm-3OfYJUvgAAAAk 2a02:c206:2242:2750::1 50448 127.0.0 ... show more [08/Jun/2026:14:19:47.976867 +0200] aiazY2t5xnxGm-3OfYJUvgAAAAk 2a02:c206:2242:2750::1 50448 127.0.0.1 7081 [08/Jun/2026:14:19:47.979081 +0200] aiazY8XUavTqqO_xFOWLbAAAANM 2a02:c206:2242:2750::1 50428 127.0.0.1 7081 [08/Jun/2026:14:19:47.980063 +0200] aiazY-4n7V3YeSXHOLRXjgAAARI 2a02:c206:2242:2750::1 50442 127.0.0.1 7081 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 10:08:21 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c206:2242:2750::1 (vmi2422750.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c206:2242:2750::1 (vmi2422750.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:08:16.279368 2026] [security2:error] [pid 10837:tid 10899] [client 2a02:c206:2242:2750::1:44192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcprocapital.com"] [uri "/.env"] [unique_id "aiaUkKbkaScq1ZGEsERv_AAAAYI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.255

🇺🇸 185.215.181.205

🇫🇷 92.205.109.21

🇰🇷 39.115.137.14

🇧🇦 195.222.57.190

🇳🇱 185.189.182.234

🇨🇳 182.204.178.125

🇨🇳 180.159.55.70

🇮🇱 176.231.151.40

🇺🇸 146.88.241.150

🇷🇴 141.98.83.240

🇫🇷 90.84.174.194

🇧🇷 20.226.42.95

🇧🇷 20.226.41.15

🇮🇩 202.150.86.18

🇧🇪 198.235.24.195

🇷🇴 193.32.162.84

🇺🇸 173.239.221.16

🇺🇸 172.234.25.61

🇺🇸 172.56.218.27