JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 240e:204:4:6::4

240e:204:4:6::4 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 39%: ?

39%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Asia Pacific Network Information Centre
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	apnic.net
Country	🇨🇳 China
City	Beijing, Beijing

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 240e:204:4:6::4

Whois 240e:204:4:6::4

IP Abuse Reports for 240e:204:4:6::4:

This IP address has been reported a total of 42 times from 32 distinct sources. 240e:204:4:6::4 was first reported on May 28th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-21 12:09:56 (2 months ago)	2026-04-21T14:09:37.973144+02:00 postfix/smtpd[3381238]: improper command pipelining after CONNECT ... show more 2026-04-21T14:09:37.973144+02:00 postfix/smtpd[3381238]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: EHLO\r\n 2026-04-21T14:09:46.726178+02:00 postfix/smtpd[3381238]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: HELP\r\n 2026-04-21T14:09:54.439831+02:00 postfix/smtpd[3381238]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: GET / HTTP/1.0\r\n\r\n show less	Email Spam
🇨🇭 Ribeye375	2026-04-10 23:05:38 (2 months ago)	HIPS fake-user-agent - Block tcp/0:65535	Port Scan Bad Web Bot
🇩🇪 MarkGGN	2026-03-13 02:26:45 (3 months ago)	SMTP Bruteforce. 2026-03-13T03:26:42.051598+01:00 . postfix/submission/smtpd[807619]: improper com ... show more SMTP Bruteforce. 2026-03-13T03:26:42.051598+01:00 . postfix/submission/smtpd[807619]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: EHLOrn 2026-03-13T03:26:44.068889+01:00 . postfix/submission/smtpd[807619]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: HELPrn show less	Brute-Force
🇳🇱 Mangelot Hosting	2026-02-12 16:52:33 (4 months ago)	(modsecurity) srv104 ModSecurity 240e:204:4:6::4 (Unknown): 5 in the last 3600 secs; Ports: ; Direc ... show more (modsecurity) srv104 ModSecurity 240e:204:4:6::4 (Unknown): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 Admins@FBN	2026-02-05 10:46:36 (4 months ago)	FW-PortScan: Traffic Blocked srcport=55076 dstport=143	Port Scan
🇸🇬 securejdprop	2026-01-31 00:08:48 (4 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Network 🕵 sc ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(🐾 - 🚨 Network 🕵 scan 🎩 NMAP 👨‍💻). Ip 240e:0204:0004:0006:0000:0000:0000:0004 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-01-31 00:08:46.749077721 +0000 UTC show less	Hacking Web App Attack
Anonymous	2026-01-24 16:11:18 (5 months ago)	2026-01-24T17:11:14.681296+01:00 mail.nb6.de postfix/smtpd[457469]: improper command pipelining afte ... show more 2026-01-24T17:11:14.681296+01:00 mail.nb6.de postfix/smtpd[457469]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: EHLO\r\n 2026-01-24T17:11:14.978100+01:00 mail.nb6.de postfix/smtpd[457469]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: HELP\r\n 2026-01-24T17:11:15.298432+01:00 mail.nb6.de postfix/smtpd[457469]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: GET / HTTP/1.0\r\n\r\n 2026-01-24T17:11:17.175340+01:00 mail.nb6.de postfix/smtpd[457726]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: HELP\r\n 2026-01-24T17:11:17.677171+01:00 mail.nb6.de postfix/smtpd[457726]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: \r\n\r\n ... show less	Brute-Force
Anonymous	2026-01-09 20:09:44 (5 months ago)	[10/Jan/2026:07:09:43 +1100] "HEAD / HTTP/1.1" 400 - "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKi ... show more [10/Jan/2026:07:09:43 +1100] "HEAD / HTTP/1.1" 400 - "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" [10/Jan/2026:07:09:43 +1100] "GET /nmaplowercheck1767989382 HTTP/1.1" 400 266 "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" show less	Hacking Web App Attack
🇬🇧 openstrike.co.uk	2025-12-04 09:09:13 (6 months ago)	137 packets to ports 23 25 37 80 81 85 88 110 111 113 135 139 143 199 264 443 548 554 563 587 631 64 ... show more 137 packets to ports 23 25 37 80 81 85 88 110 111 113 135 139 143 199 264 443 548 554 563 587 631 646 666 705 800 808 880 993 995 999 1022 1025 1248 1311 1433 1501 1503 1666 1687 1723 1935 2020 2323 3052 3306 3333 3389 3690 5001 5009 5222 5432 5550 5560 5800, etc. show less	Port Scan
🇬🇧 Ged	2025-11-27 11:07:36 (7 months ago)	Brute force.	Brute-Force
🇩🇪 ksol-hostmaster	2025-11-05 18:02:19 (7 months ago)	Nov 5 19:02:12 ksol dovecot[89098]: pop3-login: Disconnected: Connection closed (no auth attempts i ... show more Nov 5 19:02:12 ksol dovecot[89098]: pop3-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=240e:204:4:6::4, lip=2a01:4f8:2200:30c2::22, session=<+Q91v9xClr8kDgIEAAQABgAAAAAAAAAE> Nov 5 19:02:12 ksol dovecot[89098]: imap-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=240e:204:4:6::4, lip=2a01:4f8:2200:30c2::22, session=<ooB1v9xCYoAkDgIEAAQABgAAAAAAAAAE> Nov 5 19:02:18 ksol dovecot[89098]: pop3-login: Disconnected: Connection closed: SSL_accept() failed: error:0A00018C:SSL routines::version too low (no auth attempts in 6 secs): user=<>, rip=240e:204:4:6::4, lip=2a01:4f8:2200:30c2::22, TLS handshaking: SSL_accept() failed: error:0A00018C:SSL routines::version too low, session=<l2bOv9xCfo8kDgIEAAQABgAAAAAAAAAE> Nov 5 19:02:18 ksol dovecot[89098]: imap-login: Disconnected: Connection closed: SSL_accept() failed: error:0A00018C:SSL routines::version too low (no auth attempts in 6 secs): user=<>, rip=240e:204:4:6::4, lip=2 ... show less	Brute-Force
🇺🇸 xmission.com	2025-10-22 10:56:36 (8 months ago)	Blocked by UFW (TCP on 587) Source port: 44642 Packet length: 64 This report (for 240e:0204:0004:00 ... show more Blocked by UFW (TCP on 587) Source port: 44642 Packet length: 64 This report (for 240e:0204:0004:0006:0000:0000:0000:0004) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 becker-software.de	2025-10-16 09:04:23 (8 months ago)	2025-10-16T09:04:21.530360+00:00 becker-software kernel: [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:22:07:02 ... show more 2025-10-16T09:04:21.530360+00:00 becker-software kernel: [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:22:07:02:ee:3e:f2:cc:42:a5:8f:86:dd SRC=240e:0204:0004:0006:0000:0000:0000:0004 DST=2a14:07c0:7000:0500:0077:0090:0016:0003 LEN=64 TC=0 HOPLIMIT=235 FLOWLBL=0 PROTO=TCP SPT=35828 DPT=8888 WINDOW=1024 RES=0x00 SYN URGP=0 2025-10-16T09:04:21.544967+00:00 becker-software kernel: [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:22:07:02:ee:3e:f2:cc:42:a5:8f:86:dd SRC=240e:0204:0004:0006:0000:0000:0000:0004 DST=2a14:07c0:7000:0500:0077:0090:0016:0003 LEN=64 TC=0 HOPLIMIT=235 FLOWLBL=0 PROTO=TCP SPT=35828 DPT=53 WINDOW=1024 RES=0x00 SYN URGP=0 2025-10-16T09:04:21.546934+00:00 becker-software kernel: [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:22:07:02:ee:3e:f2:cc:42:a5:8f:86:dd SRC=240e:0204:0004:0006:0000:0000:0000:0004 DST=2a14:07c0:7000:0500:0077:0090:0016:0003 LEN=64 TC=0 HOPLIMIT=235 FLOWLBL=0 PROTO=TCP SPT=35828 DPT=1723 WINDOW=1024 RES=0x00 SYN URGP=0 2025-10-16T09:04:21.563973+00:00 becker-software kernel: [UFW B ... show less	Port Scan
Anonymous	2025-10-08 17:12:46 (8 months ago)	2025-10-08T19:12:32.885183+02:00 mail postfix/smtps/smtpd[2176261]: lost connection after CONNECT fr ... show more 2025-10-08T19:12:32.885183+02:00 mail postfix/smtps/smtpd[2176261]: lost connection after CONNECT from unknown[240e:204:4:6::4] 2025-10-08T19:12:37.869911+02:00 mail postfix/smtpd[2176259]: lost connection after CONNECT from unknown[240e:204:4:6::4] 2025-10-08T19:12:38.035546+02:00 mail postfix/smtpd[2176259]: improper command pipelining after CONNECT from unknown[240e:204:4:6::4]: EHLO\r\n 2025-10-08T19:12:40.387326+02:00 mail postfix/smtpd[2176086]: lost connection after EHLO from unknown[240e:204:4:6::4] 2025-10-08T19:12:45.535456+02:00 mail postfix/smtpd[2176259]: lost connection after EHLO from unknown[240e:204:4:6::4] ... show less	Brute-Force
🇦🇺 aranguren.org	2025-10-08 14:11:44 (8 months ago)	240e:204:4:6::4 - - [09/Oct/2025:01:11:20 +1100] "GET /nmaplowercheck1759931511 HTTP/1.1" 400 918 "- ... show more 240e:204:4:6::4 - - [09/Oct/2025:01:11:20 +1100] "GET /nmaplowercheck1759931511 HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:204:4:6::4 - - [09/Oct/2025:01:11:20 +1100] "HEAD / HTTP/1.1" 400 - "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:204:4:6::4 - - [09/Oct/2025:01:11:20 +1100] "GET / HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:204:4:6::4 - - [09/Oct/2025:01:11:20 +1100] "GET /evox/about HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:204:4:6::4 - - [09/Oct/2025:01:11:21 +1100] "GET /HNAP1 HTTP/1.1" 400 918 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 240e:204:4:6::4 - - [09/Oct/2025:01:1 ... show less	Bad Web Bot

Showing 16 to 30 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.180.141.15

🇺🇸 52.180.146.167

🇳🇱 45.148.10.239

🇺🇸 207.90.244.2

🇬🇧 193.163.125.19

🇺🇸 185.180.141.10

🇺🇸 159.203.181.27

🇰🇷 106.251.244.178

🇬🇧 102.165.0.11

🇫🇷 85.69.240.210

🇺🇸 66.132.186.246

🇺🇸 47.89.251.186

🇬🇧 35.203.210.75

🇧🇪 34.140.199.109

🇺🇸 4.150.201.26

🇬🇧 213.166.84.46

🇩🇪 194.53.140.72

🇲🇾 180.75.241.3

🇺🇸 147.182.183.153

🇮🇳 122.183.36.86