JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2335:4239::1

2a02:c207:2335:4239::1 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 77%: ?

77%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3354239.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2335:4239::1

Whois 2a02:c207:2335:4239::1

IP Abuse Reports for 2a02:c207:2335:4239::1:

This IP address has been reported a total of 24 times from 13 distinct sources. 2a02:c207:2335:4239::1 was first reported on June 15th 2026, and the most recent report was 12 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 20:25:37 (12 minutes ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:25:31.157456 2026] [security2:error] [pid 1085:tid 1085] [client 2a02:c207:2335:4239::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swarnar.com"] [uri "/functions/.env"] [unique_id "ajBfu60HXGV6TRpa_mafBQAAAEY"], referer: http://swarnar.com/functions/.env show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 20:05:08 (33 minutes ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇳🇱 Nrbrtkls	2026-06-15 19:52:33 (45 minutes ago)	Scanning for .env secrets files on Cloudflare-fronted site	Web App Attack
🇩🇪 XICTRON	2026-06-15 19:50:06 (48 minutes ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:35:15 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:35:08.714933 2026] [security2:error] [pid 6362:tid 6362] [client 2a02:c207:2335:4239::1:51892] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "8two7.com"] [uri "/api/.env"] [unique_id "ajBT7CdZie3aN3LL-0TeQQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-15 19:10:06 (1 hour ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-15 19:05:59 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:05:55.739104 2026] [security2:error] [pid 6982:tid 6996] [client 2a02:c207:2335:4239::1:41924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosicrucian.net"] [uri "/functions/.env"] [unique_id "ajBNE2g-RlWPyqzFk5PujQAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Aetherweb Ark	2026-06-15 18:38:08 (2 hours ago)	(mod_security) mod_security (id:949110) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:949110) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): N in the last X secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 18:12:12 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:12:09.156884 2026] [security2:error] [pid 23953:tid 23953] [client 2a02:c207:2335:4239::1:59016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trapper.biz"] [uri "/api/.env"] [unique_id "ajBAedQlkAlFhWWb2RdJmwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:18:29 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:18:23.490886 2026] [security2:error] [pid 9537:tid 9537] [client 2a02:c207:2335:4239::1:60852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backstore.com"] [uri "/functions/.env"] [unique_id "ajAz36jhSoS2j7sh4p1i6wAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 todix	2026-06-15 17:15:46 (3 hours ago)	WebAttack or semilar from 2a02:c207:2335:4239::1	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:02:37 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:02:29.636867 2026] [security2:error] [pid 17803:tid 17803] [client 2a02:c207:2335:4239::1:59974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lonasytoldosdelatorre.com"] [uri "/functions/.env"] [unique_id "ajAwJeS09QxIB7B8tstheAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 15:07:59 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserve ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2335:4239::1 (vmi3354239.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 11:07:55.886848 2026] [security2:error] [pid 13312:tid 13312] [client 2a02:c207:2335:4239::1:50788] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fancyspider.net"] [uri "/.env"] [unique_id "ajAVSzuIn5X2uMsnPeihawAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 itsolon	2026-06-15 15:07:43 (5 hours ago)	[15/Jun/2026:17:07:41 +0200] 178153606181.249518 2a02:c207:2335:4239::1 0 217.154.7.177 443 [15/Jun/ ... show more [15/Jun/2026:17:07:41 +0200] 178153606181.249518 2a02:c207:2335:4239::1 0 217.154.7.177 443 [15/Jun/2026:17:07:42 +0200] 178153606299.985120 2a02:c207:2335:4239::1 0 217.154.7.177 443 [15/Jun/2026:17:07:41 +0200] 178153606193.219691 2a02:c207:2335:4239::1 0 217.154.7.177 443 [15/Jun/2026:17:07:42 +0200] 178153606253.036513 2a02:c207:2335:4239::1 0 217.154.7.177 443 [15/Jun/2026:17:07:41 +0200] 178153606120.723043 2a02:c207:2335:4239::1 0 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇨🇭 4server	2026-06-15 14:24:17 (6 hours ago)	[MonJun1516:24:14.6615842026][security2:error][pid3601603:tid3602250][client2a02:c207:2335:4239::1:0 ... show more [MonJun1516:24:14.6615842026][security2:error][pid3601603:tid3602250][client2a02:c207:2335:4239::1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"4hosts.net\"][uri\"/api/.env\"][unique_id\"ajALDmdEAtBgNH-qN7P5pAAAARI\"] show less	Hacking Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 202.105.188.66

🇧🇷 201.76.120.30

🇨🇳 124.227.31.53

🇭🇰 103.100.208.168

🇲🇾 47.250.162.200

🇺🇸 3.83.245.221

🇻🇪 201.249.87.203

🇲🇽 201.145.112.12

🇧🇷 200.175.61.207

🇺🇸 172.253.209.154

🇧🇩 103.55.242.10

🇺🇸 66.154.105.106

🇦🇺 20.92.245.19

🇺🇸 2607:f8b0:4001:c2f::129

🇷🇴 200.26.188.219

🇺🇸 162.254.36.150

🇵🇰 139.135.45.146

🇺🇸 66.132.186.182

🇲🇾 47.250.10.55

🇳🇱 45.148.10.152