JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2316:2392::1

2a02:c207:2316:2392::1 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 43%: ?

43%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3162392.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2316:2392::1

Whois 2a02:c207:2316:2392::1

IP Abuse Reports for 2a02:c207:2316:2392::1:

This IP address has been reported a total of 17 times from 10 distinct sources. 2a02:c207:2316:2392::1 was first reported on April 30th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:04:02 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15. show less	Web App Attack SSH Hacking
🇬🇧 openstrike.co.uk	2026-06-16 05:14:25 (1 week ago)	6 attacks on env grabbing URLs: GET /app/.env HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-06-15 20:33:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:33:45.636226 2026] [security2:error] [pid 15052:tid 15052] [client 2a02:c207:2316:2392::1:46248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oposicionesyconcursos.es"] [uri "/app/.env"] [unique_id "ajBhqb-tJNPha54AjbnEFwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:23:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:23:51.447273 2026] [security2:error] [pid 23991:tid 24057] [client 2a02:c207:2316:2392::1:36568] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "charbelaj.com"] [uri "/api/.env"] [unique_id "ajBRRzd051oF-Y7tvtxm1wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 YF	2026-06-15 19:20:11 (1 week ago)	Environment file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:52:35 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:52:31.538490 2026] [security2:error] [pid 23567:tid 23567] [client 2a02:c207:2316:2392::1:59714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "megaandina.com"] [uri "/.env"] [unique_id "ajA73xZXAH9452ecCXfh9gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:28:48 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:28:41.437775 2026] [security2:error] [pid 22765:tid 22815] [client 2a02:c207:2316:2392::1:34566] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "missmadlove.com"] [uri "/.env"] [unique_id "ajA2SWrGd0hRg79DXD_CKAAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-15 14:57:42 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-15 12:47:54 (1 week ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 12:04:48 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:04:42.951714 2026] [security2:error] [pid 28382:tid 28382] [client 2a02:c207:2316:2392::1:39552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hipstan.com"] [uri "/.env"] [unique_id "ai_qWkkRwD6SJIaPv02wJgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:23:16 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:23:13.544824 2026] [security2:error] [pid 22303:tid 22397] [client 2a02:c207:2316:2392::1:34758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrowsinthequiver.com"] [uri "/api/.env"] [unique_id "ai_Ega5Ho5XEFmKY4dawlwAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:04:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:04:18.441779 2026] [security2:error] [pid 27163:tid 27163] [client 2a02:c207:2316:2392::1:48626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emmlogistics.com"] [uri "/.env"] [unique_id "ai_AEsigHN6KD7gevP8gCgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:34:33 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2316:2392::1 (vmi3162392.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:34:26.543120 2026] [security2:error] [pid 4541:tid 4541] [client 2a02:c207:2316:2392::1:37140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sigrc.org"] [uri "/.env"] [unique_id "ai-5Eq5WrHY1igJoG0x8dwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2026-05-15 22:25:19 (1 month ago)	May 15 21:56:38 jackstringer proftpd[694865]: 0.0.0.0 (2a02:c207:2316:2392::1[2a02:c207:2316:2392::1 ... show more May 15 21:56:38 jackstringer proftpd[694865]: 0.0.0.0 (2a02:c207:2316:2392::1[2a02:c207:2316:2392::1]) - USER 4x4response: no such user found from 2a02:c207:2316:2392::1 [2a02:c207:2316:2392::1] to 2a03:9800:10:1a0::2:21 May 15 23:25:18 jackstringer proftpd[700519]: 0.0.0.0 (2a02:c207:2316:2392::1[2a02:c207:2316:2392::1]) - USER 4x4response: no such user found from 2a02:c207:2316:2392::1 [2a02:c207:2316:2392::1] to 2a03:9800:10:1a0::2:21 ... show less	DDoS Attack
🇺🇸 factor1	2026-05-15 22:08:57 (1 month ago)	Fail2ban at atlas Reports Abuse.	FTP Brute-Force Brute-Force

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 101.47.159.125

🇺🇸 74.87.117.150

🇧🇷 45.70.164.151

🇬🇧 35.203.211.225

🇳🇱 195.178.110.232

🇨🇷 190.10.8.26

🇮🇳 172.253.222.213

🇮🇩 163.7.6.74

🇹🇷 149.34.210.154

🇫🇷 143.244.57.118

🇮🇳 103.190.7.38

🇭🇰 103.103.245.7

🇻🇳 103.15.222.111

🇸🇬 101.47.14.46

🇨🇳 36.42.67.114

🇨🇳 101.33.249.217

🇨🇦 85.217.149.42

🇻🇳 14.188.242.215

🇫🇷 13.140.162.247

🇺🇸 205.210.31.91