JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:4f8:1c1f:9969::1

2a01:4f8:1c1f:9969::1 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 64%: ?

64%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:4f8:1c1f:9969::1

Whois 2a01:4f8:1c1f:9969::1

IP Abuse Reports for 2a01:4f8:1c1f:9969::1:

This IP address has been reported a total of 15 times from 11 distinct sources. 2a01:4f8:1c1f:9969::1 was first reported on June 19th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-22 18:46:16 (1 day ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-21 09:46:22 (3 days ago)	Failed Wordpress Logins	Web App Attack
🇩🇪 LRob.fr	2026-06-20 08:30:05 (4 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇫🇷 SpaceHost-Server	2026-06-20 00:46:10 (4 days ago)	2a01:4f8:1c1f:9969::1 - - [20/Jun/2026:02:44:45 +0200] "POST /wp-login.php HTTP/1.1" 200 14387 "http ... show more 2a01:4f8:1c1f:9969::1 - - [20/Jun/2026:02:44:45 +0200] "POST /wp-login.php HTTP/1.1" 200 14387 "https://linus-wittemann.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 2a01:4f8:1c1f:9969::1 - - [20/Jun/2026:02:45:32 +0200] "POST /wp-login.php HTTP/1.1" 200 16476 "https://sandbox.wp-knowhow.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 2a01:4f8:1c1f:9969::1 - - [20/Jun/2026:02:46:08 +0200] "POST /wp-login.php HTTP/1.1" 200 16480 "https://sandbox.wp-knowhow.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇳🇱 Mangelot Hosting	2026-06-20 00:37:09 (4 days ago)	(wp_login_try) srv104 WP Login Attempt 2a01:4f8:1c1f:9969::1 (DE/Germany/-): 10 in the last 3600 sec ... show more (wp_login_try) srv104 WP Login Attempt 2a01:4f8:1c1f:9969::1 (DE/Germany/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇪🇸 alferez	2026-06-20 00:01:29 (4 days ago)	Multiple WP Login Attack	Hacking Exploited Host Web App Attack
Anonymous	2026-06-19 23:54:29 (4 days ago)	Failed Wordpress Logins	Web App Attack
🇩🇪 london2038.com	2026-06-19 19:01:08 (4 days ago)	Attacking WordPress 2a01:4f8:1c1f:9969::1 - - [19/Jun/2026:21:01:06 +0200] "POST /wp-login.php HTTP/ ... show more Attacking WordPress 2a01:4f8:1c1f:9969::1 - - [19/Jun/2026:21:01:06 +0200] "POST /wp-login.php HTTP/2.0" 503 19291 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇩🇪 Viveronese	2026-06-19 18:48:04 (4 days ago)	Wordpress vulnerability scanning	Web App Attack
Anonymous	2026-06-19 18:45:19 (4 days ago)	Web attack blocked by Wordfence on mezzia.nl (1 hit). Reported by CRMON.	Web App Attack
🇩🇪 LRob.fr	2026-06-19 18:30:11 (4 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-19 18:19:05 (4 days ago)	2a01:4f8:1c1f:9969::1 - - [19/Jun/2026:20:18:07 +0200] "POST /wp-login.php HTTP/1.1" 200 11750 "http ... show more 2a01:4f8:1c1f:9969::1 - - [19/Jun/2026:20:18:07 +0200] "POST /wp-login.php HTTP/1.1" 200 11750 "https://testingstuff.wp-knowhow.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 2a01:4f8:1c1f:9969::1 - - [19/Jun/2026:20:18:59 +0200] "POST /wp-login.php HTTP/1.1" 200 15477 "https://focusingausbildung.wp-knowhow.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 2a01:4f8:1c1f:9969::1 - - [19/Jun/2026:20:19:04 +0200] "POST /wp-login.php HTTP/1.1" 200 15387 "https://weiber.wp-knowhow.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇮🇹 VHosting	2026-06-19 18:15:04 (4 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇷🇴 SpamStopper	2026-06-19 18:13:57 (4 days ago)	Automated mitigation by Fail2Ban firewall due to persistent security policy violations.	Port Scan Brute-Force Web App Attack
🇩🇪 Hazzard	2026-06-19 18:08:59 (4 days ago)	(wordpress) Failed wordpress login from 2a01:4f8:1c1f:9969::1 (DE/Germany/Bavaria/Nuremberg/-/[redac ... show more (wordpress) Failed wordpress login from 2a01:4f8:1c1f:9969::1 (DE/Germany/Bavaria/Nuremberg/-/[redacted]): (CF_ENABLE) show less	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 203.55.131.3

🇺🇸 135.222.40.73

🇨🇦 85.217.149.21

🇮🇶 65.20.198.159

🇳🇱 45.156.87.216

🇬🇧 193.32.209.235

🇩🇪 164.92.161.148

🇻🇳 125.212.244.35

🇨🇳 112.86.225.217

🇧🇪 109.134.72.25

🇫🇷 85.217.140.24

🇲🇦 81.192.46.29

🇬🇪 62.182.15.57

🇸🇬 45.78.204.254

🇺🇸 2607:f8b0:4001:c56::12b

🇮🇳 182.69.176.228

🇺🇸 160.83.69.99

🇭🇰 118.193.40.88

🇮🇳 103.241.83.74

🇫🇷 85.217.140.50