JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2804:14d:6880:84ca::1002

2804:14d:6880:84ca::1002 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 48%: ?

48%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Claro NXT Telecomunicacoes Ltda
Usage Type	Fixed Line ISP
ASN	AS28573
Domain Name	claro.com.br
Country	🇧🇷 Brazil
City	Sao Jose dos Campos, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2804:14d:6880:84ca::1002

Whois 2804:14d:6880:84ca::1002

IP Abuse Reports for 2804:14d:6880:84ca::1002:

This IP address has been reported a total of 13 times from 7 distinct sources. 2804:14d:6880:84ca::1002 was first reported on June 26th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-06-29 12:50:12 (12 hours ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-29 07:20:08 (18 hours ago)	[MonJun2909:20:04.6060142026][security2:error][pid1454962:tid1455301][client2804:14d:6880:84ca::1002 ... show more [MonJun2909:20:04.6060142026][security2:error][pid1454962:tid1455301][client2804:14d:6880:84ca::1002:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"mondo-it.ch\"][uri\"/xmlrpc.php\"][unique_id\"akIcpE2iveJi62jwxxL5sgAAAQs\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 05:23:49 (20 hours ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:23:42.604624 2026] [security2:error] [pid 24645:tid 24645] [client 2804:14d:6880:84ca::1002:63107] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|joevallone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "joevallone.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIBXhmzBVdYBf__iJ_jkQAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 04:22:12 (21 hours ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:22:05.563210 2026] [security2:error] [pid 10349:tid 10349] [client 2804:14d:6880:84ca::1002:56757] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hotelkona.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotelkona.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akHy7f_axUvsNv1_cZJEJAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 04:48:00 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:47:55.893409 2026] [security2:error] [pid 26227:tid 26227] [client 2804:14d:6880:84ca::1002:52175] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gracebaptisthartsville.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gracebaptisthartsville.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akCne5HdzBLNWBV7d9ODqAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-28 02:55:01 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 01:34:03 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:33:58.026216 2026] [security2:error] [pid 12669:tid 12669] [client 2804:14d:6880:84ca::1002:50236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|diegogamazo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "diegogamazo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akB6Bo4FcK3Pwrej4hv64AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 17:47:16 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 13:47:13.061378 2026] [security2:error] [pid 10278:tid 10289] [client 2804:14d:6880:84ca::1002:64098] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|worldecom.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "worldecom.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akAMoVthQgPB4sDPSCOEwgAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 Olexiy Backend	2026-06-27 14:51:47 (2 days ago)	2804:14d:6880:84ca::1002 ...	Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-27 13:07:20 (2 days ago)	(wordpress) Failed wordpress login from 2804:14d:6880:84ca::1002 (BR/Brazil/São Paulo/São José dos C ... show more (wordpress) Failed wordpress login from 2804:14d:6880:84ca::1002 (BR/Brazil/São Paulo/São José dos Campos/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 23:40:32 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:40:26.463459 2026] [security2:error] [pid 15003:tid 15003] [client 2804:14d:6880:84ca::1002:63393] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aquanauticsige.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aquanauticsige.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj8N6v9lC1HxU658WZTATwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-26 20:05:59 (3 days ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 17:28:27 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the la ... show more (mod_security) mod_security (id:225170) triggered by 2804:14d:6880:84ca::1002 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 13:28:20.294523 2026] [security2:error] [pid 963:tid 977] [client 2804:14d:6880:84ca::1002:58324] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sparkhypnotherapy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sparkhypnotherapy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj62tG0Xw9GxYm94LS8FVQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 219.151.187.107

🇳🇱 195.178.110.30

🇬🇧 193.163.125.34

🇮🇳 185.100.212.141

🇳🇱 160.119.76.32

🇪🇨 157.100.140.253

🇬🇧 139.59.160.236

🇨🇳 120.195.141.100

🇨🇳 120.132.55.252

🇨🇳 117.89.249.222

🇨🇳 112.5.233.47

🇷🇸 109.106.239.77

🇳🇱 91.92.40.231

🇺🇸 64.62.197.91

🇩🇪 5.75.164.28

🇩🇪 185.207.107.77

🇺🇸 184.34.85.144

🇻🇳 171.231.182.149

🇨🇳 115.192.225.154

🇩🇪 69.5.169.9