JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2335:3454::1

2a02:c207:2335:3454::1 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 77%: ?

77%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3353454.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2335:3454::1

Whois 2a02:c207:2335:3454::1

IP Abuse Reports for 2a02:c207:2335:3454::1:

This IP address has been reported a total of 24 times from 13 distinct sources. 2a02:c207:2335:3454::1 was first reported on June 15th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-16 05:14:57 (1 day ago)	9 attacks on env grabbing URLs: GET /app/.env HTTP/1.1	Hacking
🇫🇷 SpaceHost-Server	2026-06-15 22:30:20 (2 days ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 20:41:57 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:41:51.191490 2026] [security2:error] [pid 5485:tid 5485] [client 2a02:c207:2335:3454::1:40240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susansimmons.net"] [uri "/project/.env"] [unique_id "ajBjj3-NCRUfcahIH_hLGwAAAHk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇰 SaltySoftworks	2026-06-15 20:24:27 (2 days ago)	User agent spoofing	Spoofing
🇺🇸 TPI-Abuse	2026-06-15 20:05:36 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:05:32.490259 2026] [security2:error] [pid 27515:tid 27515] [client 2a02:c207:2335:3454::1:47386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/api/.env"] [unique_id "ajBbDEcXLLNbwT_t2veECwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-15 18:37:40 (2 days ago)	1.780 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 18:03:30 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:03:23.918174 2026] [security2:error] [pid 26801:tid 26801] [client 2a02:c207:2335:3454::1:46912] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "san-marino-boat-registration.com"] [uri "/api/.env"] [unique_id "ajA-a6zFvZNTRaG5sj_IRwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:35:43 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:35:35.060913 2026] [security2:error] [pid 26307:tid 26307] [client 2a02:c207:2335:3454::1:34646] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anbrusgoldens.com"] [uri "/api/.env"] [unique_id "ajA35wWNQZ5t6gVSXmS5YwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:07:31 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:07:24.406607 2026] [security2:error] [pid 22303:tid 22409] [client 2a02:c207:2335:3454::1:51536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newsrank.us"] [uri "/.env"] [unique_id "ajAxTK5Ho5XEFmKY4dbICAAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:39:06 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:39:02.534984 2026] [security2:error] [pid 3155:tid 3155] [client 2a02:c207:2335:3454::1:39480] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jazzclubla.com"] [uri "/project/.env"] [unique_id "ajAqpoNgpucdlS_8cmnWeAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 macrob	2026-06-15 16:38:23 (2 days ago)	2026/06/15 16:38:22 [error] 2547561#2547561: 307679210 access forbidden by rule, client: 2a02:c207: ... show more 2026/06/15 16:38:22 [error] 2547561#2547561: 307679210 access forbidden by rule, client: 2a02:c207:2335:3454::1, server: finami.es, request: "GET /project/.env HTTP/2.0", host: "finami.es", referrer: "http://finami.es/project/.env" 2026/06/15 16:38:22 [error] 2547565#2547565: 307677896 access forbidden by rule, client: 2a02:c207:2335:3454::1, server: finami.es, request: "GET /api/.env HTTP/2.0", host: "finami.es", referrer: "http://finami.es/api/.env" 2026/06/15 16:38:22 [error] 2547565#2547565: 307680719 access forbidden by rule, client: 2a02:c207:2335:3454::1, server: finami.es, request: "GET /.env HTTP/2.0", host: "finami.es", referrer: "http://finami.es/.env" ... show less	Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-15 15:03:22 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 14:54:31 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:3454::1 (vmi3353454.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 10:54:28.152505 2026] [security2:error] [pid 26108:tid 26108] [client 2a02:c207:2335:3454::1:52366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gonzalez.com"] [uri "/.env"] [unique_id "ajASJClzCs3p0ArI88iN_AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-15 14:14:22 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇨🇭 YF	2026-06-15 14:05:12 (2 days ago)	Environment file probe	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 186.104.171.94

🇬🇧 118.26.104.212

🇮🇪 52.19.130.148

🇧🇷 205.210.31.172

🇻🇪 201.249.87.203

🇰🇿 194.32.140.43

🇨🇱 186.103.169.12

🇨🇱 186.10.86.130

🇬🇧 185.99.29.168

🇺🇸 178.93.46.69

🇺🇸 162.216.149.170

🇨🇦 147.182.149.219

🇫🇷 91.231.89.154

🇧🇪 87.64.234.149

🇳🇱 45.148.10.151

🇫🇷 31.36.163.95

🇰🇷 220.88.220.59

🇬🇧 217.154.42.110

🇺🇸 209.74.83.91

🇳🇱 204.76.203.15