JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2001:41d0:602:248a::

2001:41d0:602:248a:: was found in our database!

This IP was reported 95 times. Confidence of Abuse is 56%: ?

56%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	OVH Sp. z o. o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Domain Name	ovh.net
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2001:41d0:602:248a::

Whois 2001:41d0:602:248a::

IP Abuse Reports for 2001:41d0:602:248a:::

This IP address has been reported a total of 95 times from 30 distinct sources. 2001:41d0:602:248a:: was first reported on February 24th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-08 22:27:51 (3 hours ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 03:23:32 (22 hours ago)	(mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:23:26.489891 2026] [security2:error] [pid 9007:tid 9007] [client 2001:41d0:602:248a:::50600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|georgesmarina.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "georgesmarina.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiY1riaKbOFy4Lcc8LFrmAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-07 22:27:00 (1 day ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 14:27:30 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 10:27:25.405236 2026] [security2:error] [pid 32009:tid 32009] [client 2001:41d0:602:248a:::50252] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.losbarbarosdelnorte.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.losbarbarosdelnorte.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiLczZTJ6Cg9iN6hz1CEgQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:35:18 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:35:10.818860 2026] [security2:error] [pid 29784:tid 29784] [client 2001:41d0:602:248a:::48600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.appalachianfolkmagician.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.appalachianfolkmagician.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiKYTnLA0KVfCXxHzddhHQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 R.G.	2026-06-05 07:11:35 (3 days ago)	(XMLRPCorWHATEVER) Get lost please 2001:41d0:602:248a:: (Unknown): 3 in the last 900 secs; Ports: ; ... show more (XMLRPCorWHATEVER) Get lost please 2001:41d0:602:248a:: (Unknown): 3 in the last 900 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 06:19:01 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:18:55.357778 2026] [security2:error] [pid 24388:tid 24388] [client 2001:41d0:602:248a:::0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|local639.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "local639.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiJqT4WxRGTRdWO9Vqqb6AAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 18:48:28 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:225170) triggered by 2001:41d0:602:248a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:48:23.127575 2026] [security2:error] [pid 12428:tid 12428] [client 2001:41d0:602:248a:::49268] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.yuichiro.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.yuichiro.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aiHIdxXmFPTB8DJomtnaNAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Alboweb B.V.	2026-06-04 03:12:04 (4 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-05-06 20:30:06 (1 month ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-05-06 03:10:24 (1 month ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
🇺🇸 dtorrer	2026-05-06 00:15:56 (1 month ago)	Brute-force general attack.	Brute-Force
🇩🇪 Hazzard	2026-05-05 23:47:14 (1 month ago)	(PERMBLOCK) 2001:41d0:602:248a:: (FR/France/-/-/-/[redacted]) has had more than 4 temp blocks	Hacking
🇩🇪 LRob.fr	2026-05-05 11:00:07 (1 month ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 Hazzard	2026-05-05 06:20:57 (1 month ago)	(wordpress) Failed wordpress login from 2001:41d0:602:248a:: (FR/France/-/-/-/[redacted]): (CF_ENAB ... show more (wordpress) Failed wordpress login from 2001:41d0:602:248a:: (FR/France/-/-/-/[redacted]): (CF_ENABLE) show less	Brute-Force

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.13.98.129

🇮🇩 103.122.67.223

🇳🇱 93.123.109.114

🇩🇪 85.215.107.193

🇸🇰 37.9.175.163

🇰🇷 222.232.176.7

🇦🇷 186.13.21.145

🇰🇿 176.124.88.29

🇺🇸 172.248.251.69

🇧🇪 144.86.173.90

🇨🇳 112.86.225.51

🇨🇳 106.13.239.146

🇨🇳 106.13.209.152

🇨🇳 106.13.39.89

🇨🇳 103.120.227.88

🇫🇷 82.102.18.180

🇫🇷 51.15.149.97

🇸🇬 47.236.106.62

🇳🇱 45.148.10.240

🇹🇿 41.93.28.4