JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a02:2479:9:8200::1

2a02:2479:9:8200::1 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 89%: ?

89%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	IONOS SE
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8560
Domain Name	ionos.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a02:2479:9:8200::1

Whois 2a02:2479:9:8200::1

IP Abuse Reports for 2a02:2479:9:8200::1:

This IP address has been reported a total of 42 times from 16 distinct sources. 2a02:2479:9:8200::1 was first reported on June 10th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 BlueWire Hosting	2026-06-16 21:10:45 (1 day ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇦🇺 clapper	2026-06-16 20:46:59 (1 day ago)	(mod_security) mod_security (id:980001) triggered by 2a02:2479:9:8200::1 (Unknown): 5 in the last 60 ... show more (mod_security) mod_security (id:980001) triggered by 2a02:2479:9:8200::1 (Unknown): 5 in the last 600 secs; ID: rub show less	Brute-Force Bad Web Bot
🇮🇹 VHosting	2026-06-16 20:05:02 (1 day ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-16 15:17:10 (1 day ago)	Multiple WAF Violations	Web App Attack
🇳🇱 Mangelot Hosting	2026-06-16 15:10:26 (1 day ago)	(php_susp_dir) srv101 PHP in suspicious dir 2a02:2479:9:8200::1 (DE/Germany/-): 1 in the last 3600 s ... show more (php_susp_dir) srv101 PHP in suspicious dir 2a02:2479:9:8200::1 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 LRob.fr	2026-06-16 12:45:07 (1 day ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
Anonymous	2026-06-15 18:49:02 (2 days ago)	2a02:2479:9:8200::1 - - [15/Jun/2026:15:48:57 -0300] "GET //wp-content/plugins/plugins/cache.php HTT ... show more 2a02:2479:9:8200::1 - - [15/Jun/2026:15:48:57 -0300] "GET //wp-content/plugins/plugins/cache.php HTTP/1.1" 301 169 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 2a02:2479:9:8200::1 - - [15/Jun/2026:15:48:59 -0300] "GET //wp-content/plugins/plugins/cache.php HTTP/1.1" 301 169 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 2a02:2479:9:8200::1 - - [15/Jun/2026:15:49:01 -0300] "GET //wp-content/plugins/plugins/cache.php HTTP/1.1" 404 826 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" ... show less	Port Scan
🇩🇪 SCHAPPY	2026-06-15 17:48:58 (2 days ago)	Faked HTTP referer / referer spam detected.	Blog Spam Web App Attack
🇦🇺 2000cn.com.au	2026-06-15 13:23:03 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 LRob.fr	2026-06-15 10:15:05 (3 days ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇬🇧 Mendip_Defender	2026-06-15 06:48:13 (3 days ago)	2a02:2479:9:8200::1 - - [15/Jun/2026:07:48:03 +0100] "GET //images/images/cache.php HTTP/1.1" 301 16 ... show more 2a02:2479:9:8200::1 - - [15/Jun/2026:07:48:03 +0100] "GET //images/images/cache.php HTTP/1.1" 301 162 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 2a02:2479:9:8200::1 - - [15/Jun/2026:07:48:04 +0100] "GET //images/images/cache.php HTTP/1.1" 301 4197 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 2a02:2479:9:8200::1 - - [15/Jun/2026:07:48:06 +0100] "GET /images/images/cache.php HTTP/1.1" 404 51294 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" ... show less	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-15 04:21:49 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 filstal.org	2026-06-15 03:36:02 (3 days ago)	CrowdSec: crowdsecurity/http-bad-user-agent	Bad Web Bot Hacking
🇫🇷 dynamix	2026-06-15 00:31:53 (3 days ago)	Multiple WAF Violations	Web App Attack
🇮🇹 VHosting	2026-06-14 23:25:03 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.243

🇺🇸 195.184.76.209

🇨🇳 222.128.15.127

🇩🇪 213.209.159.238

🇧🇷 201.18.68.42

🇵🇱 194.180.49.104

🇺🇸 162.216.149.191

🇹🇭 159.192.133.140

🇨🇳 121.40.210.192

🇻🇳 118.69.226.76

🇨🇳 117.132.5.139

🇨🇳 106.75.191.112

🇺🇸 72.253.251.7

🇮🇳 180.214.156.123

🇮🇳 122.183.33.163

🇨🇭 35.216.172.131

🇺🇸 20.237.176.195

🇺🇸 3.16.152.11

🇩🇪 151.243.11.37

🇩🇪 134.209.241.3