JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 240e:108:4a41:fffe::3

240e:108:4a41:fffe::3 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 56%: ?

56%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Chinatelecom IPv6 address for network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Dezhou, Shandong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 240e:108:4a41:fffe::3

Whois 240e:108:4a41:fffe::3

IP Abuse Reports for 240e:108:4a41:fffe::3:

This IP address has been reported a total of 62 times from 42 distinct sources. 240e:108:4a41:fffe::3 was first reported on June 5th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 1gz	2026-06-05 08:52:01 (3 days ago)	Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CN. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 london2038.com	2026-06-04 11:38:19 (3 days ago)	Connection atttempts against closed TCP ports Jun 4 13:38:13 BLOCK SRC=240e:0108:4a41:fffe:0000:000 ... show more Connection atttempts against closed TCP ports Jun 4 13:38:13 BLOCK SRC=240e:0108:4a41:fffe:0000:0000:0000:0003 LEN=64 TC=0 HOPLIMIT=242 FLOWLBL=0 PROTO=TCP SPT=37213 DPT=8888 WINDOW=1024 RES=0x00 SYN Jun 4 13:38:13 BLOCK SRC=240e:0108:4a41:fffe:0000:0000:0000:0003 LEN=64 TC=0 HOPLIMIT=242 FLOWLBL=0 PROTO=TCP SPT=37213 DPT=1723 WINDOW=1024 RES=0x00 SYN Jun 4 13:38:13 BLOCK SRC=240e:0108:4a41:fffe:0000:0000:0000:0003 LEN=64 TC=0 HOPLIMIT=242 FLOWLBL=0 PROTO=TCP SPT=37213 DPT=143 WINDOW=1024 RES=0x00 SYN show less	Port Scan
🇫🇮 Erpelstolz	2026-05-29 11:46:25 (1 week ago)	external host: 240e:108:4a41:fffe::3 - - [29/May/2026:13:46:24 +0200] "GET /HNAP1 HTTP/1.1" 400 292 ... show more external host: 240e:108:4a41:fffe::3 - - [29/May/2026:13:46:24 +0200] "GET /HNAP1 HTTP/1.1" 400 292 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" CF-Ray:- CF-IP:- show less	Web App Attack
🇩🇪 Viveronese	2026-05-28 22:36:06 (1 week ago)	HTTP vulnerability scanning	Web App Attack
🇺🇸 xmission.com	2026-05-24 09:27:24 (2 weeks ago)	Blocked by UFW (TCP on 123) Source port: 34249 Packet length: 64 This report (for 240e:0108:4a41:ff ... show more Blocked by UFW (TCP on 123) Source port: 34249 Packet length: 64 This report (for 240e:0108:4a41:fffe:0000:0000:0000:0003) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Admins@FBN	2026-05-23 11:49:57 (2 weeks ago)	FW-PortScan: Traffic Blocked srcport=47124 dstport=22	Port Scan Hacking SSH
🇩🇪 ecs.ge	2026-05-23 03:03:18 (2 weeks ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇩🇪 snhosting	2026-05-22 07:09:16 (2 weeks ago)	2026-05-22T09:09:05.414245+02:00 www4 postfix/submission/smtpd[2331167]: improper command pipelining ... show more 2026-05-22T09:09:05.414245+02:00 www4 postfix/submission/smtpd[2331167]: improper command pipelining after CONNECT from unknown[240e:108:4a41:fffe::3]: EHLO\r\n 2026-05-22T09:09:05.813584+02:00 www4 postfix/submission/smtpd[2331167]: improper command pipelining after CONNECT from unknown[240e:108:4a41:fffe::3]: HELP\r\n 2026-05-22T09:09:07.005606+02:00 www4 postfix/smtpd[2286764]: improper command pipelining after CONNECT from unknown[240e:108:4a41:fffe::3]: HELP\r\n 2026-05-22T09:09:07.459195+02:00 www4 postfix/smtpd[2320876]: improper command pipelining after CONNECT from unknown[240e:108:4a41:fffe::3]: \r\n\r\n 2026-05-22T09:09:07.795033+02:00 www4 postfix/smtpd[2286764]: improper command pipelining after CONNECT from unknown[240e:108:4a41:fffe::3]: GET / HTTP/1.0\r\n\r\n ... show less	Phishing Email Spam Brute-Force Web App Attack SSH
🇺🇸 Starburst SysOp Team	2026-05-14 23:58:43 (3 weeks ago)	Request Missing a Host Header. Operator EQ matched 0 at REQUEST_HEADERS. (920280-stl2-13)	Hacking
🇩🇪 samba.org	2026-05-14 23:51:48 (3 weeks ago)	spam (f2b h2)	Brute-Force
🇳🇱 Roderic	2026-05-11 04:06:20 (4 weeks ago)	Port Scan detected from 240e:108:4a41:fffe::3 (CN/China/-/-/-/[redacted]).	Port Scan
🇩🇪 london2038.com	2026-05-09 10:10:14 (4 weeks ago)	Probing for exploits 240e:108:4a41:fffe::3 - - [09/May/2026:12:10:10 +0200] "GET / HTTP/1.1" 422 0 " ... show more Probing for exploits 240e:108:4a41:fffe::3 - - [09/May/2026:12:10:10 +0200] "GET / HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0" 240e:108:4a41:fffe::3 - - [09/May/2026:12:10:10 +0200] "GET /favicon.ico HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Edg/122.0.0.0" show less	Hacking Web App Attack
Anonymous	2026-04-27 12:13:33 (1 month ago)	Unauthorized connection to openVPN port 1194	Port Scan
Anonymous	2026-04-27 12:13:31 (1 month ago)	Unauthorized connection to SIP port 5060	Fraud VoIP Port Scan
🇩🇪 Admins@FBN	2026-04-25 00:48:38 (1 month ago)	FW-PortScan: Traffic Blocked srcport=52927 dstport=22	Port Scan Hacking SSH

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.239.254.216

🇨🇳 183.56.199.49

🇯🇴 176.29.229.159

🇺🇸 162.243.114.171

🇺🇸 154.53.58.161

🇧🇩 103.65.240.34

🇺🇸 91.230.168.184

🇱🇹 91.224.92.32

🇺🇸 64.62.197.204

🇮🇪 64.43.15.29

🇧🇷 45.171.128.223

🇮🇩 36.88.18.218

🇺🇸 3.139.100.75

🇷🇴 2.57.121.112

🇩🇪 213.209.159.175

🇬🇧 185.247.137.142

🇫🇷 185.177.72.10

🇮🇳 115.245.198.214

🇷🇴 92.118.39.236

🇩🇪 91.107.151.199