JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:4f8:231:30a::2

2a01:4f8:231:30a::2 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 43%: ?

43%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:4f8:231:30a::2

Whois 2a01:4f8:231:30a::2

IP Abuse Reports for 2a01:4f8:231:30a::2:

This IP address has been reported a total of 11 times from 6 distinct sources. 2a01:4f8:231:30a::2 was first reported on June 20th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-06-27 09:46:39 (2 hours ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 factor1	2026-06-26 09:31:18 (1 day ago)	Fail2ban at churndash Reports Abuse.	Brute-Force Web App Attack
🇺🇸 lostswordfish.com	2026-06-26 07:36:03 (1 day ago)	Wordfence waf block on 1105merrystreet	Web App Attack
🇩🇪 LRob.fr	2026-06-26 07:30:03 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 19:37:50 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 15:37:47.546483 2026] [security2:error] [pid 8160:tid 8160] [client 2a01:4f8:231:30a::2:56698] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.pcga.golf\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.pcga.golf"] [uri "/wp-json/wp/v2/users"] [unique_id "ajmPC6xv8g3m3ri7JjPnjwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 15:44:07 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 11:43:58.977304 2026] [security2:error] [pid 16227:tid 16227] [client 2a01:4f8:231:30a::2:43584] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.realclean.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.realclean.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajlYPlld2tMjTpZgmOgh8AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-22 07:28:01 (5 days ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-22 01:36:40 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:36:31.961461 2026] [security2:error] [pid 698:tid 698] [client 2a01:4f8:231:30a::2:53040] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.j3pr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.j3pr.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajiRnzlEj-XXxNwiP_5N4QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 22:06:36 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:06:30.656085 2026] [security2:error] [pid 2969:tid 2969] [client 2a01:4f8:231:30a::2:33924] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.lgbtqhistoryinaustin.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lgbtqhistoryinaustin.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajcO5gnvlQqsTjoG_e494gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 15:08:31 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 11:08:23.978275 2026] [security2:error] [pid 25814:tid 25814] [client 2a01:4f8:231:30a::2:35630] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.rohanbyles.com.au\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rohanbyles.com.au"] [uri "/wp-json/wp/v2/users"] [unique_id "ajas58YF2dquj5H9QLmrDAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 08:54:03 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:30a::2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:53:55.375686 2026] [security2:error] [pid 29064:tid 29064] [client 2a01:4f8:231:30a::2:43000] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.margroberts.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.margroberts.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajZVI1dT8cLh5JkuIfMi4AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 143.20.49.93

🇺🇸 143.198.104.250

🇵🇭 119.92.141.68

🇫🇷 91.231.89.25

🇮🇹 91.80.156.125

🇱🇺 64.89.161.108

🇬🇧 35.203.210.131

🇷🇺 178.178.194.123

🇧🇷 177.75.207.10

🇱🇻 81.30.98.158

🇺🇸 66.132.186.201

🇲🇾 49.124.151.58

🇺🇸 2607:f8b0:4864:20::1248

🇺🇸 2607:f8b0:4004:1007::123

🇧🇷 177.185.118.243

🇮🇶 169.224.110.162

🇨🇦 104.193.135.243

🇺🇸 91.230.168.209

🇰🇷 59.0.127.22

🇳🇱 45.148.10.240