JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a09:bac5:952d:3af::5e:48

2a09:bac5:952d:3af::5e:48 was found in our database!

This IP was reported 3 times. Confidence of Abuse is 22%: ?

22%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Cloudflare London, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	St. Louis, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a09:bac5:952d:3af::5e:48

Whois 2a09:bac5:952d:3af::5e:48

IP Abuse Reports for 2a09:bac5:952d:3af::5e:48:

This IP address has been reported a total of 3 times from 3 distinct sources. 2a09:bac5:952d:3af::5e:48 was first reported on June 13th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 nfsec.pl	2026-06-13 08:03:03 (1 week ago)	2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:08:02:59 +0000] "GET /ms-themes.php HTTP/2.0" 404 24992 " ... show more 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:08:02:59 +0000] "GET /ms-themes.php HTTP/2.0" 404 24992 "http://nfsec.pl/ms-themes.php" "Go-http-client/2.0" 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:08:03:01 +0000] "GET /chosen.php HTTP/2.0" 404 24339 "https://nfsec.pl/chosen.php?p=" "Go-http-client/2.0" 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:08:03:01 +0000] "GET /file.php HTTP/2.0" 404 24301 "http://nfsec.pl/file.php" "Go-http-client/2.0" 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:08:03:02 +0000] "GET /flower.php HTTP/2.0" 404 24263 "http://nfsec.pl/flower.php" "Go-http-client/2.0" 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:08:03:02 +0000] "GET /gifclass.php HTTP/2.0" 404 24078 "http://nfsec.pl/gifclass.php#888xyz999" "Go-http-client/2.0" ... show less	Web App Attack Exploited Host
🇬🇧 Mendip_Defender	2026-06-13 04:34:35 (1 week ago)	2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:05:34:28 +0100] "GET /ms-themes.php HTTP/1.1" 404 4037 "h ... show more 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:05:34:28 +0100] "GET /ms-themes.php HTTP/1.1" 404 4037 "http://mylittleblueduck.co.uk/ms-themes.php" "Go-http-client/2.0" 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:05:34:29 +0100] "GET /chosen.php?p= HTTP/1.1" 404 4037 "http://mylittleblueduck.co.uk/chosen.php?p=" "Go-http-client/2.0" 2a09:bac5:952d:3af::5e:48 - - [13/Jun/2026:05:34:29 +0100] "GET /file.php HTTP/1.1" 404 4037 "http://mylittleblueduck.co.uk/file.php" "Go-http-client/2.0" ... show less	Hacking Web App Attack
🇮🇹 VHosting	2026-06-13 02:15:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 3 of 3 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:10ff:8::

🇩🇪 146.70.160.236

🇨🇳 114.246.241.87

🇳🇱 91.92.40.13

🇮🇳 82.24.117.77

🇮🇷 2.188.34.65

🇳🇱 193.142.147.111

🇷🇴 193.46.255.86

🇳🇱 192.42.116.108

🇪🇨 190.83.104.10

🇱🇹 188.69.225.188

🇷🇺 188.17.148.221

🇧🇷 179.228.151.4

🇧🇪 128.90.145.17

🇩🇪 94.26.106.234

🇷🇴 80.94.92.167

🇧🇪 35.187.108.238

🇮🇳 223.188.80.79

🇳🇱 194.50.16.253

🇺🇸 192.3.16.60