JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2273:9051::1

2a02:c207:2273:9051::1 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 75%: ?

75%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi2739051.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2273:9051::1

Whois 2a02:c207:2273:9051::1

IP Abuse Reports for 2a02:c207:2273:9051::1:

This IP address has been reported a total of 33 times from 13 distinct sources. 2a02:c207:2273:9051::1 was first reported on June 11th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 10:57:47 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:57:42.361304 2026] [security2:error] [pid 30049:tid 30049] [client 2a02:c207:2273:9051::1:57284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.totalstorage.solutions"] [uri "/.env"] [unique_id "ajEsJvoPJ79pD8y6Ax_74QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 dtorrer	2026-06-16 09:24:48 (2 days ago)	General vulnerability scan.	Port Scan
🇺🇸 TPI-Abuse	2026-06-16 09:21:25 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 05:21:18.759784 2026] [security2:error] [pid 21393:tid 21393] [client 2a02:c207:2273:9051::1:46982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "juca.com.mx"] [uri "/.env"] [unique_id "ajEVjgdPTgRbnndvY4i5DQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 06:28:53 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:949110) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:28:45.461671 2026] [security2:error] [pid 20970:tid 20970] [client 2a02:c207:2273:9051::1:39512] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.toxicnation.org"] [uri "/.env"] [unique_id "ajDtHQCtgBPPBVd25ufVWgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 06:08:37 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:08:31.057801 2026] [security2:error] [pid 16459:tid 16459] [client 2a02:c207:2273:9051::1:40602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.globalpackets.net"] [uri "/.env"] [unique_id "ajDoX8ULYv6dOtNXYKMwdwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-16 05:49:12 (2 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-06-16 05:37:37 (2 days ago)	2026/06/16 06:37:35 [error] 1929837#1929837: 2411024 access forbidden by rule, client: 2a02:c207:22 ... show more 2026/06/16 06:37:35 [error] 1929837#1929837: 2411024 access forbidden by rule, client: 2a02:c207:2273:9051::1, server: [redacted], request: "GET /.env HTTP/1.1", host: "www.getasecondlife.net.cdn.cloudflare.net" 2a02:c207:2273:9051::1 - - [16/Jun/2026:06:37:35 +0100] "GET /.env HTTP/1.1" 403 1178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 2026/06/16 06:37:35 [error] 1929836#1929836: *2411023 access forbidden by rule, client: 2a02:c207:2273:9051::1, server: getasecondlife.net, request: "GET /.env HTTP/1.1", host: "getasecondlife.net", referrer: "https://www.getasecondlife.net/.env" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 05:34:05 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:34:01.354320 2026] [security2:error] [pid 8814:tid 8814] [client 2a02:c207:2273:9051::1:47956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.geriart.net"] [uri "/.env"] [unique_id "ajDgST1szBq4CZwJ2EqZ6wAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 12:49:59 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:49:52.657387 2026] [security2:error] [pid 19572:tid 19572] [client 2a02:c207:2273:9051::1:33652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lo-family.org"] [uri "/.env"] [unique_id "ai_08MT4uf9TI979e8u_IgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-06-15 12:29:31 (3 days ago)	2026/06/15 13:29:30 [error] 1929836#1929836: 2205156 access forbidden by rule, client: 2a02:c207:22 ... show more 2026/06/15 13:29:30 [error] 1929836#1929836: 2205156 access forbidden by rule, client: 2a02:c207:2273:9051::1, server: lisbon-pre-1755-earthquake.org, request: "GET /.env HTTP/2.0", host: "lisbon-pre-1755-earthquake.org", referrer: "https://www.lisbon-pre-1755-earthquake.org/.env" 2a02:c207:2273:9051::1 - - [15/Jun/2026:13:29:30 +0100] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 2a02:c207:2273:9051::1 - - [15/Jun/2026:13:29:30 +0100] "GET /.env HTTP/2.0" 403 1045 "https://www.lisbon-pre-1755-earthquake.org/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Brute-Force Web App Attack
🇩🇪 Didier Lagaert	2026-06-15 12:08:34 (3 days ago)	lie-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 TPI-Abuse	2026-06-15 12:01:47 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:01:42.761907 2026] [security2:error] [pid 4238:tid 4238] [client 2a02:c207:2273:9051::1:44414] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lexie.boens.org"] [uri "/.env"] [unique_id "ai_ppjCTS_rt_d-plPfd0QAAAC8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 07:26:22 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:26:17.155329 2026] [security2:error] [pid 21431:tid 21431] [client 2a02:c207:2273:9051::1:43180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "urrguide.com.coolingsprings.org"] [uri "/.env"] [unique_id "ai-pGRyzVq0-MtE_U3u2xwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:16:02 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:15:55.859515 2026] [security2:error] [pid 2978:tid 3003] [client 2a02:c207:2273:9051::1:39582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.12am.us"] [uri "/.env"] [unique_id "ai9gW-iWhE8cddwdJPxcpwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:32:40 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2273:9051::1 (vmi2739051.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:32:34.652257 2026] [security2:error] [pid 13652:tid 13652] [client 2a02:c207:2273:9051::1:59254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clinc.rcto.us"] [uri "/.env"] [unique_id "ai9WMr9QMpPOStlZ4vTZXQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.238

🇬🇧 193.163.125.85

🇳🇱 188.166.25.251

🇺🇸 157.245.9.59

🇨🇳 117.50.226.213

🇪🇸 200.234.236.58

🇬🇧 194.50.235.146

🇬🇧 193.163.125.3

🇷🇴 193.46.255.86

🇺🇸 192.178.115.212

🇷🇺 95.26.152.35

🇺🇿 84.54.70.79

🇺🇸 75.67.144.240

🇩🇪 69.5.169.238

🇻🇪 45.182.141.173

🇳🇱 5.255.117.127

🇳🇱 193.176.31.148

🇳🇱 176.65.148.158

🇧🇴 131.0.197.173

🇹🇭 118.193.56.171