JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 80.239.207.207

80.239.207.207 was found in our database!

This IP was reported 113 times. Confidence of Abuse is 82%: ?

82%

ISP	Deltaphon Multimedia GmbH
Usage Type	Fixed Line ISP
ASN	AS1299
Hostname(s)	207.128-25.207.239.80.in-addr.arpa
Domain Name	deltaphon.net
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 80.239.207.207

Whois 80.239.207.207

IP Abuse Reports for 80.239.207.207:

This IP address has been reported a total of 113 times from 56 distinct sources. 80.239.207.207 was first reported on December 19th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-06-06 17:44:23 (9 hours ago)	(wordpress-user-enum) Failed wordpress-user-enum trigger from 80.239.207.207 (DE/Germany/-): (CF_EN ... show more (wordpress-user-enum) Failed wordpress-user-enum trigger from 80.239.207.207 (DE/Germany/-): (CF_ENABLE) show less	Brute-Force
🇩🇪 R.G.	2026-06-06 16:37:21 (10 hours ago)	(XMLRPCorWHATEVER) Get lost please 80.239.207.207 (DE/Germany/-): 3 in the last 900 secs; Ports: ; ... show more (XMLRPCorWHATEVER) Get lost please 80.239.207.207 (DE/Germany/-): 3 in the last 900 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 WeekendWeb	2026-06-06 14:12:44 (13 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 12:58:44 (14 hours ago)	(mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:58:39.882568 2026] [security2:error] [pid 23091:tid 23091] [client 80.239.207.207:52854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.americanureport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.americanureport.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiQZf93OC8gzFNJl8Fv_lQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-06 09:00:09 (18 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 LRob.fr	2026-06-06 08:45:06 (18 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 03:02:12 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 23:02:06.551752 2026] [security2:error] [pid 27314:tid 27314] [client 80.239.207.207:55088] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.naominixon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.naominixon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiONrkYfv9J_nD9cPeo47gAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 01:41:40 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 21:41:35.943215 2026] [security2:error] [pid 14365:tid 14378] [client 80.239.207.207:48464] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vinylnotespodcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vinylnotespodcast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiN6z7RUfpjp-aTMa99PawAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-05 23:49:41 (1 day ago)	(wp_login_try) srv103 WP Login Attempt 80.239.207.207 (GB/United Kingdom/-): 10 in the last 3600 sec ... show more (wp_login_try) srv103 WP Login Attempt 80.239.207.207 (GB/United Kingdom/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 rh24	2026-06-05 10:27:14 (1 day ago)	(wordpress-user-enum) Failed wordpress-user-enum trigger from 80.239.207.207 (DE/Germany/-): (CF_EN ... show more (wordpress-user-enum) Failed wordpress-user-enum trigger from 80.239.207.207 (DE/Germany/-): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 18:16:51 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:16:44.167127 2026] [security2:error] [pid 12274:tid 12274] [client 80.239.207.207:37688] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|georgesmarina.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "georgesmarina.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiHBDJSli-VZQkNME72B8wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-04 11:29:04 (2 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 06:57:29 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 02:57:23.509982 2026] [security2:error] [pid 21607:tid 21607] [client 80.239.207.207:60924] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.wild-goose.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wild-goose.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aiEh00zFpmXyZHPy-L9OvgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 05:59:30 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 80.239.207.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 01:59:24.227227 2026] [security2:error] [pid 7637:tid 7637] [client 80.239.207.207:48458] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.cyqci.eu\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cyqci.eu"] [uri "/wp-json/wp/v2/users"] [unique_id "aiEUPJPqjAOH4P2W3aqZFAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-04 03:14:31 (3 days ago)	(wp_login_try) srv104 WP Login Attempt 80.239.207.207 (GB/United Kingdom/-): 10 in the last 3600 sec ... show more (wp_login_try) srv104 WP Login Attempt 80.239.207.207 (GB/United Kingdom/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack

Showing 1 to 15 of 113 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 162.158.111.116

🇫🇮 147.185.133.137

🇺🇸 20.168.121.45

🇺🇸 20.127.244.206

🇳🇱 5.255.123.222

🇧🇪 198.235.24.213

🇲🇦 196.65.75.16

🇩🇪 172.71.144.155

🇹🇼 114.34.106.146

🇫🇷 88.183.253.24

🇺🇸 74.82.47.24

🇸🇬 47.84.207.87

🇮🇹 5.99.196.202

🇺🇸 205.210.31.70

🇺🇸 205.210.31.44

🇹🇳 197.0.45.93

🇳🇱 185.242.226.18

🇺🇸 162.216.149.96

🇮🇪 108.131.125.72

🇺🇸 76.27.106.170