JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2001:41d0:303:6f6b::1

2001:41d0:303:6f6b::1 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 35%: ?

35%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Domain Name	ovh.net
Country	🇫🇷 France
City	Dunkirk, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2001:41d0:303:6f6b::1

Whois 2001:41d0:303:6f6b::1

IP Abuse Reports for 2001:41d0:303:6f6b::1:

This IP address has been reported a total of 174 times from 54 distinct sources. 2001:41d0:303:6f6b::1 was first reported on April 3rd 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-06-16 18:43:11 (3 days ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)	Bad Web Bot
Anonymous	2026-06-11 23:24:05 (1 week ago)	2001:41d0:303:6f6b::1 - - [12/Jun/2026:07:22:26 +0800] "GET /%C3%A3%C2%80%C2%8A%C3%A6%C2%83%C2%85%C3 ... show more 2001:41d0:303:6f6b::1 - - [12/Jun/2026:07:22:26 +0800] "GET /%C3%A3%C2%80%C2%8A%C3%A6%C2%83%C2%85%C3%A4%C2%BF%C2%A1%C3%A3%C2%80%C2%8B%C3%A6%C2%96%C2%B0%C3%A5%C2%8A%C2%A0%C3%A5%C2%9D%C2%A1/ HTTP/1.1" 404 39515 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)" 2001:41d0:303:6f6b::1 - - [12/Jun/2026:07:23:06 +0800] "GET /2013%C3%A5%C2%B9%C2%B4%C3%A6%C2%96%C2%B0%C3%A8%C2%A3%C2%BD%C3%A4%C2%BD%C2%9C%C3%A6%C2%83%C2%A1%C3%A7%C2%AB%C2%A5%C3%A6%C2%97%C2%A5%C3%A8%C2%A8%C2%98%C3%A7%C2%AC%C2%AC%C3%A4%C2%BA%C2%8C%C3%A9%C2%83%C2%A8%C3%A6%C2%9B%C2%B2%C3%A3%C2%80%C2%8A%C3%A4%C2%BA%C2%8C%C3%A4%C2%BA%C2%BA%C3%A8%C2%AD%C2%89%C3%A6%C2%93%C2%9A%C3%A3%C2%80%C2%8B%C3%A9%C2%96%C2%8B%C3%A5%C2%A7%C2%8B%C3%A9%C2%A0%C2%90/ HTTP/1.1" 404 39515 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)" 2001:41d0:303:6f6b::1 - - [12/Jun/2026:07:23:13 +0800] "GET /2015%C3%A7%C2%A4%C2%BE%C3%A5%C2%8D%C2%80%C3%A6%C2%96%C2%87%C3%A5%C2%8C%C2%96%C3%A5%C2%A4%C2%A7%C3%A4%C2%BD%C2%BF-%C3%A3%C2%80%C2% ... show less	Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2026-06-06 07:29:24 (2 weeks ago)	2001:41d0:303:6f6b::1 - - [06/Jun/2026:08:29:20 +0100] "GET /robots.txt HTTP/1.1" 403 146 "-" "Mozil ... show more 2001:41d0:303:6f6b::1 - - [06/Jun/2026:08:29:20 +0100] "GET /robots.txt HTTP/1.1" 403 146 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)" ... show less	Bad Web Bot
🇳🇱 Mangelot Hosting	2026-05-26 07:43:13 (3 weeks ago)	(modsecurity) srv103 ModSecurity 2001:41d0:303:6f6b::1 (FR/France/-): 10 in the last 3600 secs; Port ... show more (modsecurity) srv103 ModSecurity 2001:41d0:303:6f6b::1 (FR/France/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇫🇷 claude CALVET	2026-05-18 06:31:39 (1 month ago)	gew-Joomla User : try to access forms...	Hacking
🇫🇷 ingroscart.it	2026-05-10 18:25:24 (1 month ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 2001:41d0:303:6f6b:: ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 2001:41d0:303:6f6b::1 (Unknown) show less	Bad Web Bot
🇳🇱 Mangelot Hosting	2026-05-10 13:05:50 (1 month ago)	(modsecurity) srv101 ModSecurity 2001:41d0:303:6f6b::1 (FR/-/-): 10 in the last 3600 secs; Ports: ; ... show more (modsecurity) srv101 ModSecurity 2001:41d0:303:6f6b::1 (FR/-/-): 10 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇫🇷 bazter.pro	2026-05-10 11:48:19 (1 month ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
🇺🇸 nodepile	2026-05-09 07:35:35 (1 month ago)	Requests denied due to active blacklist hits (tenant=82 method=GET path=/bmw-x6-08-14-headlight-cove ... show more Requests denied due to active blacklist hits (tenant=82 method=GET path=/bmw-x6-08-14-headlight-covers.html ua='Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)') show less	Web App Attack Exploited Host
🇩🇪 kkwemi	2026-05-05 22:46:32 (1 month ago)	Malicious bot detected: Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-04 20:53:40 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2001:41d0:303:6f6b::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210730) triggered by 2001:41d0:303:6f6b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 16:53:36.541357 2026] [security2:error] [pid 24035:tid 24035] [client 2001:41d0:303:6f6b::1:43014] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.sawyerwest.com\|F\|2"] [data ".mdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sawyerwest.com"] [uri "/images/Checca Site/CheccaFamily.mdb"] [unique_id "afkHUHZ5npkFPbjaPAwrkQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2026-05-04 16:10:41 (1 month ago)	2001:41d0:303:6f6b::1 - - [04/May/2026:17:10:40 +0100] "GET /robots.txt HTTP/1.1" 403 146 "-" "Mozil ... show more 2001:41d0:303:6f6b::1 - - [04/May/2026:17:10:40 +0100] "GET /robots.txt HTTP/1.1" 403 146 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)" ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-02 06:54:23 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2001:41d0:303:6f6b::1 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:210730) triggered by 2001:41d0:303:6f6b::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 02:54:15.779593 2026] [security2:error] [pid 30673:tid 30673] [client 2001:41d0:303:6f6b::1:47064] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|miranda-race-walks.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "miranda-race-walks.com"] [uri "/Pages/mail to:[email protected]"] [unique_id "afWfl3YkCP1baEUZIytUsgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2026-04-29 23:52:17 (1 month ago)	2001:41d0:303:6f6b::1 - - [30/Apr/2026:00:52:10 +0100] "GET /robots.txt HTTP/1.1" 403 146 "-" "Mozil ... show more 2001:41d0:303:6f6b::1 - - [30/Apr/2026:00:52:10 +0100] "GET /robots.txt HTTP/1.1" 403 146 "-" "Mozilla/5.0 (compatible; MJ12bot/v1.4.8; http://mj12bot.com/)" ... show less	Bad Web Bot
🇳🇱 Mangelot Hosting	2026-04-28 04:03:02 (1 month ago)	(modsecurity) srv101 ModSecurity 2001:41d0:303:6f6b::1 (FR/France/-): 10 in the last 3600 secs; Port ... show more (modsecurity) srv101 ModSecurity 2001:41d0:303:6f6b::1 (FR/France/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 20.65.185.115

🇮🇳 203.92.36.109

🇧🇷 187.14.45.117

🇧🇬 185.255.215.66

🇳🇱 185.226.197.45

🇳🇱 185.226.197.42

🇨🇳 111.203.141.121

🇺🇸 96.244.213.160

🇷🇴 80.94.92.184

🇺🇸 52.206.43.14

🇳🇱 45.148.10.37

🇰🇷 43.128.156.124

🇺🇸 20.102.105.170

🇭🇰 199.45.154.182

🇧🇷 177.53.125.87

🇧🇷 177.10.203.106

🇺🇸 153.66.209.126

🇲🇾 113.211.214.189

🇺🇸 74.109.30.95

🇺🇸 73.24.80.3