JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2068:3167::1

2a02:c207:2068:3167::1 was found in our database!

This IP was reported 265 times. Confidence of Abuse is 1%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi683167.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2068:3167::1

Whois 2a02:c207:2068:3167::1

IP Abuse Reports for 2a02:c207:2068:3167::1:

This IP address has been reported a total of 265 times from 63 distinct sources. 2a02:c207:2068:3167::1 was first reported on August 15th 2023, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-02 06:24:57 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 02:24:51.166315 2026] [security2:error] [pid 32363:tid 32363] [client 2a02:c207:2068:3167::1:56416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.n4fh.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.n4fh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah53M5JXmutpu_HEY9SfZQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 00:49:08 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 20:49:06.009123 2026] [security2:error] [pid 18588:tid 18588] [client 2a02:c207:2068:3167::1:33936] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.innovacionesnimba.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.innovacionesnimba.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah4oglXNydDk5NSidEysmwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 17:02:29 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 13:02:22.291683 2026] [security2:error] [pid 21925:tid 21946] [client 2a02:c207:2068:3167::1:48832] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.chelseyrae.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.chelseyrae.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah27Hid0vbEjaLV_yvHr8gAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 03:48:40 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 23:48:36.023416 2026] [security2:error] [pid 12173:tid 12173] [client 2a02:c207:2068:3167::1:54780] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.constructionloansfunding.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.constructionloansfunding.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah0BFMetmLtpObOU2LVMHgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 20:53:59 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:53:52.571115 2026] [security2:error] [pid 6358:tid 6358] [client 2a02:c207:2068:3167::1:44218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.losbarbarosdelnorte.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.losbarbarosdelnorte.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahyf4CEDGRjgGR28EXJWuAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 14:02:39 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 10:02:32.773752 2026] [security2:error] [pid 13494:tid 13494] [client 2a02:c207:2068:3167::1:37016] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.infinityartistsgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.infinityartistsgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahw_eEXWhxI3HipfdY3VvAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 08:08:53 (4 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ... show more (mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 04:08:48.777294 2026] [security2:error] [pid 22214:tid 22214] [client 2a02:c207:2068:3167::1:37238] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.wpcoc.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wpcoc.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ahvskOJwMSqeKYytRZ8D3QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-03-07 11:16:24 (3 months ago)	Web App Attack	Web App Attack
🇨🇭 YF	2026-03-06 19:05:03 (3 months ago)	Unauthorized WordPress access attempt	Brute-Force Web App Attack
🇺🇸 Penny Packer	2026-03-06 14:55:50 (3 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇩🇪 big-cloud.nl	2026-03-05 16:16:19 (3 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 ipblock.com	2025-12-09 19:12:00 (6 months ago)	IPBlock protected site ID [4730-fr]. Major crawler impostor. Mozilla/5.0 (compatible; Googlebot/2. ... show more IPBlock protected site ID [4730-fr]. Major crawler impostor. Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) show less	Bad Web Bot
🇩🇪 stinpriza	2025-10-17 18:04:44 (8 months ago)	Web App Attack	Web App Attack
🇺🇸 myagent.site	2025-10-06 03:29:56 (8 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇩🇪 SpaceHost-Server	2025-07-29 22:29:50 (10 months ago)		Brute-Force Web App Attack

Showing 1 to 15 of 265 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.206.182.220

🇨🇦 85.217.149.28

🇨🇳 47.96.85.128

🇺🇸 44.202.77.53

🇬🇧 2a03:b0c0:1:e0:0:1:8a29:1001

🇺🇸 2001:470:1:fb5::187

🇵🇰 175.107.244.96

🇨🇳 171.108.182.228

🇮🇩 163.7.11.155

🇭🇰 144.48.243.18

🇬🇧 138.68.154.41

🇺🇸 104.243.35.45

🇺🇸 65.49.1.93

🇫🇷 62.210.142.162

🇺🇸 44.38.59.230

🇻🇳 42.96.20.16

🇯🇵 20.89.48.223

🇺🇸 18.207.79.144

🇨🇳 14.103.111.110

🇫🇷 5.39.1.238