JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:4f8:241:485::2

2a01:4f8:241:485::2 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 5%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	mail.digipa.it
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:4f8:241:485::2

Whois 2a01:4f8:241:485::2

IP Abuse Reports for 2a01:4f8:241:485::2:

This IP address has been reported a total of 6 times from 2 distinct sources. 2a01:4f8:241:485::2 was first reported on February 9th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-23 11:16:34 (13 hours ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 07:16:28.355331 2026] [security2:error] [pid 20465:tid 20465] [client 2a01:4f8:241:485::2:58996] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rddeckerphotography.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rddeckerphotography.com"] [uri "/blog/wp-json/wp/v2/users"] [unique_id "ajprDOxVg9eG2KOMAp4rggAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 04:36:27 (20 hours ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 00:36:22.646593 2026] [security2:error] [pid 16598:tid 16598] [client 2a01:4f8:241:485::2:41476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.americanexportimport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.americanexportimport.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajoNRgqoQoxG0IAdeD0zdwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 06:02:26 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 02:02:18.052366 2026] [security2:error] [pid 28009:tid 28009] [client 2a01:4f8:241:485::2:41338] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.stop902.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.stop902.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajjP6uMUQUyiKb4k9wJICAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 10:10:00 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:09:57.065965 2026] [security2:error] [pid 19029:tid 19029] [client 2a01:4f8:241:485::2:33558] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.atidysort.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.atidysort.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aje4dYbF2J3syxV3AMy6XwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 09:29:36 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:241:485::2 (mail.digipa.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 05:29:29.705807 2026] [security2:error] [pid 26963:tid 26963] [client 2a01:4f8:241:485::2:49262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.forerunnersjazz.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.forerunnersjazz.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajeu-fpUsDfFqnHeci_PcAAAAF0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-02-09 16:07:07 (4 months ago)	2a01:4f8:241:485::2 - - [09/Feb/2026:09:07:06 -0700] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozill ... show more 2a01:4f8:241:485::2 - - [09/Feb/2026:09:07:06 -0700] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36 Edg/141.0.0.0" ... show less	Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.118.173.234

🇺🇸 205.210.31.82

🇮🇩 202.51.214.98

🇺🇸 195.184.76.137

🇲🇽 189.131.111.78

🇬🇧 185.216.145.179

🇩🇪 165.227.159.13

🇺🇸 162.216.150.59

🇻🇳 160.191.244.158

🇺🇸 147.185.132.126

🇩🇪 141.82.3.32

🇨🇳 119.97.189.120

🇨🇳 114.245.18.135

🇧🇬 91.191.209.118

🇺🇸 65.110.40.106

🇨🇳 60.247.144.35

🇺🇸 52.20.198.190

🇲🇾 49.124.147.250

🇺🇸 47.251.46.207

🇺🇸 44.145.44.170