JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:c207:2340:515::1

2a02:c207:2340:515::1 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 77%: ?

77%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3400515.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:c207:2340:515::1

Whois 2a02:c207:2340:515::1

IP Abuse Reports for 2a02:c207:2340:515::1:

This IP address has been reported a total of 43 times from 13 distinct sources. 2a02:c207:2340:515::1 was first reported on June 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 neckaralb-admin.de	2026-06-28 12:01:31 (1 day ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
🇳🇱 WinnieHoneypots	2026-06-28 09:56:38 (1 day ago)		Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-28 09:08:13 (1 day ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 08:23:19 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:23:12.716541 2026] [security2:error] [pid 30622:tid 30622] [client 2a02:c207:2340:515::1:53576] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bervick.com"] [uri "/.env"] [unique_id "akDZ8PaMrRBmh9Prcirn1QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-06-28 06:08:25 (1 day ago)	2a02:c207:2340:515::1 - - [28/Jun/2026:08:08:25 +0200] "GET /.env HTTP/1.1" 301 4751 "-" "Mozilla/5. ... show more 2a02:c207:2340:515::1 - - [28/Jun/2026:08:08:25 +0200] "GET /.env HTTP/1.1" 301 4751 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 05:15:20 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:15:14.562675 2026] [security2:error] [pid 2980:tid 2980] [client 2a02:c207:2340:515::1:50658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthonyanimalclinic.net"] [uri "/.env"] [unique_id "akCt4g4B0rZUT24kIkiI_QAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 foxxelabs	2026-06-28 04:06:33 (1 day ago)	Automated report from FoxxeLabs Sentinel. Path probed: /.env \| Project: anseo \| Reason(s): Known exp ... show more Automated report from FoxxeLabs Sentinel. Path probed: /.env \| Project: anseo \| Reason(s): Known exploit path: /.env \| User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/5 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 02:52:49 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:52:45.270522 2026] [security2:error] [pid 24648:tid 24648] [client 2a02:c207:2340:515::1:40976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "annropp.com"] [uri "/.env"] [unique_id "akCMfX0bsqrUKrnZ2PdEOwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 23:00:45 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 19:00:41.218245 2026] [security2:error] [pid 26104:tid 26104] [client 2a02:c207:2340:515::1:35510] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "animatuevento.com.mx"] [uri "/.env"] [unique_id "akBWGePiZ9hSYiXZJN_YFQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-27 22:04:30 (2 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-26. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-27 21:35:49 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:35:43.178917 2026] [security2:error] [pid 21558:tid 21558] [client 2a02:c207:2340:515::1:55624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "72blues.com"] [uri "/.env"] [unique_id "akBCL44N_rwB2Qob3SKQvgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 21:16:42 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:16:38.795527 2026] [security2:error] [pid 8850:tid 8850] [client 2a02:c207:2340:515::1:47850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "804web.net"] [uri "/.env"] [unique_id "akA9trqVeJ9GzMJW6GF7cwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 20:16:51 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:16:44.586581 2026] [security2:error] [pid 9178:tid 9178] [client 2a02:c207:2340:515::1:44454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "36hoursonly.com"] [uri "/.env"] [unique_id "akAvrJ1h7CHvBryFeCCbSAAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 18:21:24 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:21:19.654634 2026] [security2:error] [pid 31104:tid 31104] [client 2a02:c207:2340:515::1:59626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "43cambridge.com"] [uri "/.env"] [unique_id "akAUnwtc37YpJZ4qfWcGCwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 17:46:04 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ... show more (mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 13:45:58.252214 2026] [security2:error] [pid 12416:tid 12416] [client 2a02:c207:2340:515::1:35128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "7livesahead.com"] [uri "/.env"] [unique_id "akAMVoU__2svB_Pp8gxuawAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.42

🇺🇸 195.184.76.112

🇦🇷 190.196.253.22

🇧🇷 187.72.128.177

🇭🇳 168.228.194.242

🇺🇸 147.185.132.38

🇵🇭 126.209.74.205

🇭🇰 104.251.226.148

🇳🇱 104.248.94.33

🇳🇱 104.248.93.163

🇷🇺 103.136.43.74

🇷🇺 94.125.50.139

🇲🇾 49.124.146.45

🇧🇷 45.160.78.25

🇳🇱 45.148.10.29

🇬🇧 35.203.210.186

🇳🇱 34.34.103.195

🇬🇧 2a06:4880:a000::c6

🇺🇸 195.184.76.117

🇧🇷 187.18.97.183