JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2604:2dc0:142:4000::

2604:2dc0:142:4000:: was found in our database!

This IP was reported 48 times. Confidence of Abuse is 49%: ?

49%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	OVH US LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Domain Name	ovhcloud.com
Country	🇺🇸 United States of America
City	Warrenton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2604:2dc0:142:4000::

Whois 2604:2dc0:142:4000::

IP Abuse Reports for 2604:2dc0:142:4000:::

This IP address has been reported a total of 48 times from 16 distinct sources. 2604:2dc0:142:4000:: was first reported on May 24th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-19 02:02:49 (3 days ago)	[FriJun1904:02:44.1477502026][security2:error][pid1488417:tid1488423][client2604:2dc0:142:4000:::0]M ... show more [FriJun1904:02:44.1477502026][security2:error][pid1488417:tid1488423][client2604:2dc0:142:4000:::0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"scrspace.com\"][uri\"/\"][unique_id\"ajSjRFVIkMEDZBl563lr4gAAAAM\"] show less	Port Scan Brute-Force Web App Attack
🇨🇦 lakered	2026-06-16 23:15:23 (5 days ago)	Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkho ... show more Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkhole \| Tech Evidence: JA4: t13d3113h2 \| UA: curl \| ASN: 16276 (OVH SAS) show less	Port Scan Bad Web Bot
🇩🇰 ScamAware	2026-06-13 14:03:47 (1 week ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: managed_challenge. Cloudflare source: botFight. show less	Bad Web Bot
🇬🇧 pinguin	2026-06-13 03:49:26 (1 week ago)	Triggered Cloudflare WAF (linkMaze) from US. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (GET ... show more Triggered Cloudflare WAF (linkMaze) from US. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/2 (GET method) Endpoint: / UA: curl This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 xmission.com	2026-06-10 13:12:01 (1 week ago)	Blocked by UFW (TCP on 443) Source port: 56934 Packet length: 80 This report (for 2604:2dc0:0142:40 ... show more Blocked by UFW (TCP on 443) Source port: 56934 Packet length: 80 This report (for 2604:2dc0:0142:4000:0000:0000:0000:0000) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 xmission.com	2026-06-10 07:57:38 (1 week ago)	Blocked by UFW (TCP on 80) Source port: 41114 Packet length: 80 This report (for 2604:2dc0:0142:400 ... show more Blocked by UFW (TCP on 80) Source port: 41114 Packet length: 80 This report (for 2604:2dc0:0142:4000:0000:0000:0000:0000) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 xmission.com	2026-06-10 02:43:55 (1 week ago)	Blocked by UFW (TCP on 443) Source port: 35304 Packet length: 80 This report (for 2604:2dc0:0142:40 ... show more Blocked by UFW (TCP on 443) Source port: 35304 Packet length: 80 This report (for 2604:2dc0:0142:4000:0000:0000:0000:0000) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 4server	2026-06-09 06:21:52 (1 week ago)	[TueJun0908:21:46.9347152026][security2:error][pid2474906:tid2474984][client2604:2dc0:142:4000:::0]M ... show more [TueJun0908:21:46.9347152026][security2:error][pid2474906:tid2474984][client2604:2dc0:142:4000:::0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"newbeauty-pully.ch\"][uri\"/\"][unique_id\"aiew-qK8lGNazDeqIjCxdgAAAJE\"] show less	Port Scan Brute-Force Web App Attack
🇩🇰 ScamAware	2026-06-07 16:05:33 (2 weeks ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: managed_challenge. Cloudflare source: botFight. show less	Bad Web Bot
🇩🇪 filstal.org	2026-06-05 06:53:12 (2 weeks ago)	Bad bot activity detected (automated scraping/probing) UA: curl	Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-04 15:57:16 (2 weeks ago)	[ThuJun0417:57:13.8239612026][security2:error][pid3569068:tid3569176][client2604:2dc0:142:4000:::0]M ... show more [ThuJun0417:57:13.8239612026][security2:error][pid3569068:tid3569176][client2604:2dc0:142:4000:::0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"maurokorangraf.ch\"][uri\"/\"][unique_id\"aiGgWdRMSuC6NswThaWysQAAANQ\"] show less	Port Scan Brute-Force Web App Attack
🇩🇰 ScamAware	2026-06-04 01:57:08 (2 weeks ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: managed_challenge. Cloudflare source: botFight. show less	Bad Web Bot
🇩🇪 filstal.org	2026-06-01 06:32:37 (3 weeks ago)	Automated security scan or exploit attempt detected by Fail2Ban	Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-05-30 21:27:19 (3 weeks ago)	Automated security scan or exploit attempt detected by Fail2Ban	Bad Web Bot Web App Attack
🇯🇵 Kinsei Engineering Inc.	2026-05-30 13:54:41 (3 weeks ago)	UFW:High-frequency access to unused ports	Port Scan

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.239.251.12

🇵🇱 194.180.48.33

🇳🇱 91.92.40.240

🇮🇷 78.109.200.147

🇺🇸 45.56.83.247

🇺🇸 44.243.215.247

🇰🇷 218.156.93.206

🇺🇸 207.254.40.89

🇩🇪 91.98.116.217

🇸🇬 82.38.180.241

🇺🇸 52.27.142.186

🇱🇹 45.227.254.170

🇺🇸 20.119.86.71

🇬🇧 217.154.35.203

🇬🇧 193.163.125.181

🇺🇸 173.239.240.21

🇺🇸 134.122.115.32

🇺🇸 132.196.69.70

🇻🇳 115.73.213.75

🇺🇸 100.31.210.196