JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:4f8:272:5daf::2

2a01:4f8:272:5daf::2 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 3%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	lds1.premiumspace.gr
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:4f8:272:5daf::2

Whois 2a01:4f8:272:5daf::2

IP Abuse Reports for 2a01:4f8:272:5daf::2:

This IP address has been reported a total of 6 times from 3 distinct sources. 2a01:4f8:272:5daf::2 was first reported on November 26th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-06-20 08:21:28 (1 week ago)	(wordpress) Failed wordpress login from 2a01:4f8:272:5daf::2 (DE/Germany/Saxony/Falkenstein/lds1.pre ... show more (wordpress) Failed wordpress login from 2a01:4f8:272:5daf::2 (DE/Germany/Saxony/Falkenstein/lds1.premiumspace.gr/[redacted]): (CF_ENABLE) show less	Brute-Force
🇧🇪 cmbplf	2025-11-26 14:33:23 (7 months ago)	150 requests with url.path *config.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 14:27:54 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 09:27:47.853860 2025] [security2:error] [pid 7132:tid 7132] [client 2a01:4f8:272:5daf::2:26514] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrasmithquill.com"] [uri "/wp-config.php"] [unique_id "aScOYxMqOfzmHXp9TibKSwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 13:51:42 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 08:51:35.682497 2025] [security2:error] [pid 2947228:tid 2947228] [client 2a01:4f8:272:5daf::2:27522] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aromatherapyricebags.com"] [uri "/wp-config.php"] [unique_id "aScF5xnOvM2Hgh1n2GLuGAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 13:32:22 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 08:32:18.052991 2025] [security2:error] [pid 9635:tid 9635] [client 2a01:4f8:272:5daf::2:21844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arnoldwell.com"] [uri "/wp-config.php"] [unique_id "aScBYh3TXjzZf50f2RH6MgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 13:14:24 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 ... show more (mod_security) mod_security (id:210492) triggered by 2a01:4f8:272:5daf::2 (lds1.premiumspace.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 08:14:17.573363 2025] [security2:error] [pid 19114:tid 19114] [client 2a01:4f8:272:5daf::2:6170] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "armandselmwoodpark.com"] [uri "/wp-config.php"] [unique_id "aSb9KQRMNQo2DiEPe7q7jQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.64

🇯🇲 66.9.166.22

🇳🇱 45.148.10.141

🇩🇿 41.98.74.150

🇺🇸 20.168.125.90

🇲🇽 200.92.172.166

🇬🇧 195.140.214.28

🇩🇪 194.187.176.135

🇸🇻 190.87.168.35

🇧🇷 186.235.247.117

🇧🇷 186.225.227.68

🇨🇴 186.113.84.127

🇦🇷 181.209.86.146

🇦🇷 181.46.160.11

🇸🇬 159.65.8.117

🇳🇱 138.124.30.187

🇳🇱 45.148.10.152

🇩🇪 43.228.157.9

🇨🇳 223.86.148.242

🇸🇾 217.20.209.30