JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2330:7005::1

2a02:c207:2330:7005::1 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 67%: ?

67%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3307005.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2330:7005::1

Whois 2a02:c207:2330:7005::1

IP Abuse Reports for 2a02:c207:2330:7005::1:

This IP address has been reported a total of 17 times from 13 distinct sources. 2a02:c207:2330:7005::1 was first reported on May 21st 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-12 08:07:19 (16 hours ago)	Multiple WAF Violations	Web App Attack
🇳🇱 middelkoopcc	2026-06-09 16:40:06 (3 days ago)	2026-06-09 18:37:33 [client 2a02:c207:2330:7005::1:36816] AH10244: invalid URI path (/public/plugins ... show more 2026-06-09 18:37:33 [client 2a02:c207:2330:7005::1:36816] AH10244: invalid URI path (/public/plugins/cloudwatch/../../../../../conf/defaults.ini) && 2026-06-09 18:37:33 [client 2a02:c207:2330:7005::1:36822] AH10244: invalid URI path (/public/plugins/clarity89-finnhub-datasource/../../../../../conf/defaults.ini) && 2026-06-09 18:37:33 [client 2a02:c207:2330:7005::1:36764] AH10244: invalid URI path (/public/plugins/belugacdn-app/../../../../../conf/defaults.ini) && 322 more within 20 minutes show less	Web App Attack
🇩🇪 on-com	2026-06-08 11:27:01 (4 days ago)	URL scan	Brute-Force Web App Attack
🇳🇱 e.fierstra	2026-06-07 17:42:51 (5 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-06 10:01:21 (6 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 IloGus	2026-06-06 00:30:14 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 LRob.fr	2026-06-06 00:30:10 (1 week ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-05 21:57:41 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2330:7005::1 (vmi3307005.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2330:7005::1 (vmi3307005.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 17:57:36.811013 2026] [security2:error] [pid 16977:tid 16977] [client 2a02:c207:2330:7005::1:35684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accpp.link"] [uri "/.env"] [unique_id "aiNGUDc4t80vIE72xnSWwQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 6kilowatti	2026-06-05 21:41:04 (1 week ago)	2a02:c207:2330:7005::1 - - [06/Jun/2026:00:41:03 +0300] "GET /.env.production.local HTTP/1.1" 404 60 ... show more 2a02:c207:2330:7005::1 - - [06/Jun/2026:00:41:03 +0300] "GET /.env.production.local HTTP/1.1" 404 60 "-" "Mozilla/5.0 (Debian; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 12:13:09 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2330:7005::1 (vmi3307005.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2330:7005::1 (vmi3307005.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 08:13:02.525851 2026] [security2:error] [pid 10076:tid 10076] [client 2a02:c207:2330:7005::1:45164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "candlesandwoodcrafts.com"] [uri "/.env.candlesandwoodcrafts"] [unique_id "aiK9Tn2j74Ev9XtjUu_FVAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-05 11:55:04 (1 week ago)	Multiple WAF Violations	Web App Attack
🇪🇸 alferez	2026-06-04 23:46:57 (1 week ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-03 22:03:05 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-02. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-01 16:22:41 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 2a02:c207:2330:7005::1 (vmi3307005.contaboserve ... show more (mod_security) mod_security (id:210730) triggered by 2a02:c207:2330:7005::1 (vmi3307005.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 12:22:33.237123 2026] [security2:error] [pid 4109:tid 4109] [client 2a02:c207:2330:7005::1:36396] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|femalegamblers.org\|F\|2"] [data ".production.ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "femalegamblers.org"] [uri "/deploy.production.ini"] [unique_id "ah2xyVOl82EceZfoGVGutgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-05-25 05:20:02 (2 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2400:cb00:1232:1000:651f:6f68:a6c7:6605

🇨🇦 199.21.149.124

🇹🇼 198.235.24.56

🇵🇱 194.180.49.217

🇸🇬 194.5.82.6

🇳🇱 185.224.128.16

🇪🇸 185.72.214.220

🇫🇮 147.185.133.135

🇮🇳 125.20.247.194

🇨🇳 122.114.46.29

🇬🇧 93.119.124.74

🇫🇷 85.217.140.44

🇺🇸 74.82.47.45

🇳🇱 45.148.10.62

🇮🇳 45.40.57.172

🇺🇸 3.236.236.213

🇩🇪 2a01:7e01::2000:59ff:fe93:45d0

🇮🇳 2400:cb00:679:1000:621e:7d83:8e54:b732

🇺🇸 208.87.243.251

🇺🇸 208.84.101.205