JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2001:df1:e8c0::1009

2001:df1:e8c0::1009 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 11%: ?

11%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	PT Gunung Sedayu Sentosa
Usage Type	Commercial
ASN	AS150493
Domain Name	gss.biz.id
Country	🇮🇩 Indonesia
City	Cikarang, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2001:df1:e8c0::1009

Whois 2001:df1:e8c0::1009

IP Abuse Reports for 2001:df1:e8c0::1009:

This IP address has been reported a total of 11 times from 4 distinct sources. 2001:df1:e8c0::1009 was first reported on June 16th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 fazar	2026-06-13 15:58:48 (1 week ago)	bad-behavior: 15 attempts from 2001:df1:e8c0::1009 on node: bdj02	Exploited Host Web App Attack
🇮🇩 fazar	2026-06-12 11:39:10 (1 week ago)	bad-behavior: 15 attempts from 2001:df1:e8c0::1009 on node: bdj02	Exploited Host Web App Attack
🇮🇩 fazar	2026-05-30 08:06:22 (3 weeks ago)	bad-behavior: 15 attempts from 2001:df1:e8c0::1009 on node: bdj02	Exploited Host Web App Attack
🇮🇩 soc-yk	2026-05-27 05:58:15 (3 weeks ago)	Type: suspicious_network_activity Threat: backup_archive_scanner Risk: 100 Events: 17088 Evidence: ... show more Type: suspicious_network_activity Threat: backup_archive_scanner Risk: 100 Events: 17088 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇮🇩 soc-yk	2026-05-25 12:15:18 (4 weeks ago)	Type: web_scanning Threat: public_web_exploitation_scanner Risk: 100 Events: 7392 Evidence: - Autom ... show more Type: web_scanning Threat: public_web_exploitation_scanner Risk: 100 Events: 7392 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇮🇩 soc-yk	2026-05-23 13:45:30 (4 weeks ago)	Type: exploitation_attempt Threat: backup_archive_scanner Risk: 100 Events: 96 Evidence: - Repeated ... show more Type: exploitation_attempt Threat: backup_archive_scanner Risk: 100 Events: 96 Evidence: - Repeated exploitation attempts detected - Malicious infrastructure behavior observed show less	Web App Attack Hacking
🇮🇩 fazar	2026-05-22 10:14:08 (1 month ago)	bad-behavior: 15 attempts from 2001:df1:e8c0::1009 on node: bdj02	Exploited Host Web App Attack
🇮🇩 fazar	2026-01-31 16:00:05 (4 months ago)	bad-behavior: 15 attempts from 2001:df1:e8c0::1009 on node: bdj02	Exploited Host Web App Attack
🇮🇩 fazar	2025-09-30 16:02:12 (8 months ago)	IP address filtered by [http-404-bruteforce] for suspicious activities (ckg02).	Hacking Exploited Host Web App Attack
🇬🇧 openstrike.co.uk	2025-06-17 05:14:52 (1 year ago)	4 attacks on PHP URLs, deployment descriptor URLs, Confluence URLs: GET /login-x.php HTTP/1.1 GET /m ... show more 4 attacks on PHP URLs, deployment descriptor URLs, Confluence URLs: GET /login-x.php HTTP/1.1 GET /myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. HTTP/1.1 GET /login.action?redirectAction:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 stinpriza	2025-06-16 08:11:50 (1 year ago)	common Web Exploits being scanned	Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.245

🇨🇳 139.196.54.61

🇯🇵 168.138.213.115

🇳🇱 77.83.39.14

🇦🇺 74.91.200.217

🇺🇸 2607:f8b0:4002:c02::12e

🇺🇸 2604:a880:400:d1:0:4:9e91:e001

🇸🇬 2404:6800:4003:c20::12a

🇰🇷 218.149.228.143

🇺🇸 205.210.31.74

🇨🇳 183.227.103.109

🇦🇷 181.46.245.47

🇺🇸 162.216.150.170

🇫🇮 147.185.133.65

🇷🇴 141.98.83.240

🇨🇳 112.38.109.72

🇳🇱 91.92.40.202

🇬🇧 85.203.46.90

🇨🇳 47.97.56.233

🇨🇳 36.57.115.43