JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 240e:108:48a2:fffe::2

240e:108:48a2:fffe::2 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 27%: ?

27%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Chinatelecom IPv6 address for network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Changchun, Jilin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 240e:108:48a2:fffe::2

Whois 240e:108:48a2:fffe::2

IP Abuse Reports for 240e:108:48a2:fffe::2:

This IP address has been reported a total of 68 times from 45 distinct sources. 240e:108:48a2:fffe::2 was first reported on June 14th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 Erpelstolz	2026-06-13 21:01:09 (2 days ago)	external host: 240e:108:48a2:fffe::2 - - [13/Jun/2026:23:01:09 +0200] "GET /HNAP1 HTTP/1.1" 400 292 ... show more external host: 240e:108:48a2:fffe::2 - - [13/Jun/2026:23:01:09 +0200] "GET /HNAP1 HTTP/1.1" 400 292 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" CF-Ray:- CF-IP:- show less	Web App Attack
🇦🇺 Starburst SysOp Team	2026-06-05 03:42:12 (1 week ago)	Request Missing a Host Header. Operator EQ matched 0 at REQUEST_HEADERS. (920280-syd2-4)	Hacking
🇩🇪 kreativstrecke	2026-05-09 06:05:07 (1 month ago)	2026-05-09T07:05:00.585042+01:00 srv03 postfix/postscreen[2541775]: HANGUP after 0.17 from [240e:108 ... show more 2026-05-09T07:05:00.585042+01:00 srv03 postfix/postscreen[2541775]: HANGUP after 0.17 from [240e:108:48a2:fffe::2]:34596 in tests before SMTP handshake 2026-05-09T07:05:05.610607+01:00 srv03 postfix/submission/smtpd[2541779]: lost connection after CONNECT from unknown[240e:108:48a2:fffe::2] 2026-05-09T07:05:06.409202+01:00 srv03 postfix/smtps/smtpd[2541780]: lost connection after CONNECT from unknown[240e:108:48a2:fffe::2] ... show less	Brute-Force
Anonymous	2026-05-08 23:06:07 (1 month ago)		DNS Compromise DDoS Attack
🇩🇪 0x44	2026-04-26 14:10:48 (1 month ago)	Abusive host detected * Web probing for vulnerabilities	Web App Attack Hacking
🇩🇪 Viveronese	2026-04-24 04:04:11 (1 month ago)	SASL LOGIN authentication failed	Brute-Force
🇨🇭 SOC [GOLINE SA]	2026-04-23 12:44:47 (1 month ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 240e:108:48a2:fffe::2 (IPv6) \| Port: N/A \| Country: China \| ISP: CT-IPV6-NETWORK-ADDRESS \| rDNS: None === TARGET === Host: time.goline.ch \| IP: time.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-04-23 14:44:41 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇨🇭 SOC [GOLINE SA]	2026-04-10 19:45:48 (2 months ago)	IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Se ... show more IDS Alert: IDS High-Severity Alert === ATTACK === Signature: IDS High-Severity Alert \| SID: N/A \| Severity: 1-2 \| Category: Security Threat === SOURCE === IP: 240e:108:48a2:fffe::2 (IPv6) \| Port: N/A \| Country: China \| ISP: CT-IPV6-NETWORK-ADDRESS \| rDNS: None === TARGET === Host: time.goline.ch \| IP: time.goline.ch \| Port: multiple \| Protocol: TCP/UDP \| App: N/A === RESPONSE === Time: 2026-04-10 21:45:41 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
Anonymous	2026-04-10 16:45:39 (2 months ago)	[Fri Apr 10 18:45:26.945114 2026] [authz_core:error] [pid 32530] [client 240e:108:48a2:fffe::2:59100 ... show more [Fri Apr 10 18:45:26.945114 2026] [authz_core:error] [pid 32530] [client 240e:108:48a2:fffe::2:59100] AH01630: client denied by server configuration: /etc/httpd/htdocs [Fri Apr 10 18:45:34.173861 2026] [authz_core:error] [pid 21734] [client 240e:108:48a2:fffe::2:33148] AH01630: client denied by server configuration: /etc/httpd/htdocs [Fri Apr 10 18:45:37.524963 2026] [authz_core:error] [pid 21173] [client 240e:108:48a2:fffe::2:51414] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇺🇸 lavnet.net	2026-04-02 05:59:09 (2 months ago)	240e:108:48a2:fffe::2 - - [02/Apr/2026:05:58:27 +0000] "GET / HTTP/1.0" 400 292 "-" "-" 240e:108:48a ... show more 240e:108:48a2:fffe::2 - - [02/Apr/2026:05:58:27 +0000] "GET / HTTP/1.0" 400 292 "-" "-" 240e:108:48a2:fffe::2 - - [02/Apr/2026:05:59:05 +0000] "GET / HTTP/1.0" 400 292 "-" "-" 240e:108:48a2:fffe::2 - - [02/Apr/2026:05:59:06 +0000] "GET / HTTP/1.0" 400 292 "-" "-" 240e:108:48a2:fffe::2 - - [02/Apr/2026:05:59:06 +0000] "GET / HTTP/1.0" 400 292 "-" "-" 240e:108:48a2:fffe::2 - - [02/Apr/2026:05:59:07 +0000] "GET / HTTP/1.0" 400 292 "-" "-" 240e:108:48a2:fffe::2 - - [02/Apr/2026:05:59:09 +0000] "GET / HTTP/1.0" 400 292 "-" "-" ... show less	Brute-Force
🇩🇪 DEV-DNS	2026-03-31 05:33:21 (2 months ago)	Port Scan detected from 240e:108:48a2:fffe::2 (Unknown).	Port Scan
🇦🇺 aranguren.org	2026-03-22 06:54:24 (2 months ago)	240e:108:48a2:fffe::2 - - [22/Mar/2026:17:54:01 +1100] "GET /nmaplowercheck1774162441 HTTP/1.1" 400 ... show more 240e:108:48a2:fffe::2 - - [22/Mar/2026:17:54:01 +1100] "GET /nmaplowercheck1774162441 HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:108:48a2:fffe::2 - - [22/Mar/2026:17:54:01 +1100] "POST /sdk HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:108:48a2:fffe::2 - - [22/Mar/2026:17:54:01 +1100] "HEAD / HTTP/1.1" 400 - "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:108:48a2:fffe::2 - - [22/Mar/2026:17:54:02 +1100] "GET / HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:108:48a2:fffe::2 - - [22/Mar/2026:17:54:02 +1100] "GET /HNAP1 HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:108:48a2 ... show less	Bad Web Bot
🇫🇷 Provost-info	2026-03-13 20:48:10 (3 months ago)	multiple unauthorized DNS cache Query	Brute-Force SSH
Anonymous	2026-03-13 02:11:44 (3 months ago)	240e:108:48a2:fffe::2 - - [13/Mar/2026:02:11:43 +0000] "\x16\x03\x01\x02" 400 432 "-" "-" ...	Bad Web Bot Web App Attack
Anonymous	2026-03-12 03:49:02 (3 months ago)	$f2bV_matches	Brute-Force SSH

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 218.253.136.209

🇺🇸 216.25.89.65

🇺🇸 193.228.131.200

🇳🇱 169.150.218.155

🇺🇸 147.185.132.32

🇳🇱 81.19.216.89

🇺🇸 20.163.16.165

🇨🇱 200.54.102.243

🇹🇼 198.235.24.104

🇸🇬 194.5.82.137

🇧🇴 190.181.27.27

🇺🇸 162.216.150.56

🇬🇧 130.162.182.46

🇨🇳 113.57.5.139

🇹🇼 110.25.112.132

🇿🇦 105.187.46.96

🇩🇪 63.178.108.156

🇭🇰 47.83.123.38

🇺🇸 34.41.247.182

🇯🇵 20.18.144.161