JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2333:8253::1

2a02:c207:2333:8253::1 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 19%: ?

19%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3338253.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2333:8253::1

Whois 2a02:c207:2333:8253::1

IP Abuse Reports for 2a02:c207:2333:8253::1:

This IP address has been reported a total of 13 times from 3 distinct sources. 2a02:c207:2333:8253::1 was first reported on June 3rd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 23:23:57 (1 week ago)	(mod_security) mod_security (id:248270) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:248270) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:23:51.170499 2026] [security2:error] [pid 18449:tid 18542] [client 2a02:c207:2333:8253::1:49668] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at ARGS:x. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|coldwave.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coldwave.net"] [uri "/"] [unique_id "aiC3h3izs7qnicGbzMF-MgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 22:22:41 (1 week ago)	(mod_security) mod_security (id:248270) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:248270) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 18:22:37.873088 2026] [security2:error] [pid 19536:tid 19536] [client 2a02:c207:2333:8253::1:44854] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\$\\\\{jndi:(ldaps?\|rmi\|dns\|iiop\|nis\|nds\|corba\|\\\\$\\\\{(?:lower\|upper)):" at ARGS:x. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "7626"] [id "248270"] [rev "1"] [msg "COMODO WAF: Remote code execution in Apache log4j\|\|cmgpartners.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cmgpartners.com"] [uri "/"] [unique_id "aiCpLf7MXzMp4ldlGSybDQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 15:02:26 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 11:02:21.116571 2026] [security2:error] [pid 20468:tid 20468] [client 2a02:c207:2333:8253::1:50068] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|aprilparks.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "aprilparks.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "aiBB_eJcbtz935vjgBGcDAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 13:27:14 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 09:27:09.128409 2026] [security2:error] [pid 29717:tid 29717] [client 2a02:c207:2333:8253::1:39502] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|anthearodgers.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "anthearodgers.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "aiArrRCbRT4dGd4StGEokAAAAFo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 11:56:22 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:56:17.078616 2026] [security2:error] [pid 3854:tid 3854] [client 2a02:c207:2333:8253::1:42940] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|andrewmcgrath.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "andrewmcgrath.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "aiAWYaawgadNoaCVbWOXBwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:55:14 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:55:10.381985 2026] [security2:error] [pid 7990:tid 7990] [client 2a02:c207:2333:8253::1:44796] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|amtnm.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "amtnm.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "aiAIDq5LdctOMxxK57JDcgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:09:17 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:09:09.012313 2026] [security2:error] [pid 996:tid 996] [client 2a02:c207:2333:8253::1:52968] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|abbysue.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "abbysue.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "ah_9RekShthtBhX4iYEnXgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 09:41:54 (2 weeks ago)	(mod_security) mod_security (id:221260) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:221260) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 05:41:49.052839 2026] [security2:error] [pid 6520:tid 6520] [client 2a02:c207:2333:8253::1:45056] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\$\\\$\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|aallred.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aallred.com"] [uri "/cgi-bin/test.cgi"] [unique_id "ah_23Q78FegiE-bt8sdcxAAAAAI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 08:21:26 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 04:21:22.144802 2026] [security2:error] [pid 25937:tid 25937] [client 2a02:c207:2333:8253::1:43144] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|alphadyne.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "alphadyne.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "ah_kAvxQKPVLE9SI48GaZAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 07:35:07 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:34:55.944593 2026] [security2:error] [pid 19541:tid 19541] [client 2a02:c207:2333:8253::1:49740] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|3fabgals.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "3fabgals.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "ah_ZHwOSivN6vewAXV02uAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 07:20:04 (2 weeks ago)	\| Shellshock attack attempt	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-06-03 06:39:45 (2 weeks ago)	(mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserve ... show more (mod_security) mod_security (id:217200) triggered by 2a02:c207:2333:8253::1 (vmi3338253.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:39:39.831650 2026] [security2:error] [pid 29903:tid 29923] [client 2a02:c207:2333:8253::1:57918] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|21370.com\|F\|2"] [data "/guest_auth/guestisup.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "21370.com"] [uri "/guest_auth/guestIsUp.php"] [unique_id "ah_MKyk6a4fhx74f17FDgwAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-03 06:32:52 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/CVE-2022-26134	Hacking

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 94.231.206.254

🇩🇪 213.209.159.235

🇧🇷 205.210.31.181

🇮🇳 182.95.48.38

🇮🇩 182.13.96.107

🇩🇪 167.94.146.72

🇻🇳 113.164.66.10

🇰🇷 112.175.29.94

🇫🇷 91.196.152.124

🇱🇹 81.30.98.62

🇳🇱 45.148.10.151

🇸🇳 41.214.3.135

🇺🇸 2607:f8b0:4001:c6a::124

🇺🇸 216.25.89.147

🇳🇱 212.192.240.10

🇮🇳 167.71.239.213

🇺🇸 145.223.7.7

🇮🇳 103.54.101.248

🇨🇦 85.217.149.40

🇷🇺 83.246.133.16