2404:c140:1f00:1e::1cac was found in our database!
This IP was reported 44 times. Confidence of
Abuse
is 100%: ?
100%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
44
times from
21 distinct
sources.
2404:c140:1f00:1e::1cac was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
(modsecurity) srv104 ModSecurity 2404:c140:1f00:1e::1cac (HK/Hong Kong/-): 10 in the last 3600 secs; ...
show more(modsecurity) srv104 ModSecurity 2404:c140:1f00:1e::1cac (HK/Hong Kong/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
(modsecurity) srv102 ModSecurity 2404:c140:1f00:1e::1cac (HK/Hong Kong/-): 10 in the last 3600 secs; ...
show more(modsecurity) srv102 ModSecurity 2404:c140:1f00:1e::1cac (HK/Hong Kong/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
[WedJul0114:52:51.9375312026][security2:error][pid1555166:tid1555265][client2404:c140:1f00:1e::1cac: ...
show more[WedJul0114:52:51.9375312026][security2:error][pid1555166:tid1555265][client2404:c140:1f00:1e::1cac:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"[a-z0-9]~\$\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1158\"][id\"390581\"][rev\"1\"][msg\"Atomicorp.comWAFRules:AttackBlocked-DataLeakage-attempttoaccessbackupfile\(disablethisruleifyourequireaccesstofilesthatendwithatilde\)\"][severity\"CRITICAL\"][hostname\"gmint.ch\"][uri\"/.env~\"][unique_id\"akUNo80jhhjFw7VK1b9dxgAAAMk\"]
show less
Triggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show moreTriggered Cloudflare WAF (firewallCustom) from HK.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less