This IP was reported 54 times. Confidence of
Abuse
is 100%: ?
100%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
54
times from
26 distinct
sources.
2a04:c300:400::1e0 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
{"level":"info","ts":1782096081.481883,"logger":"http.log.access.log1","msg":"handled request","requ ...
show more{"level":"info","ts":1782096081.481883,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"2a04:c300:400::1e0","remote_port":"62096","client_ip":"2a04:c300:400::1e0","proto":"HTTP/1.1","method":"GET","host":"status.recyclingmonitor.de","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (iPhone; CPU iPhone OS 18_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Mobile/15E148 Safari/604.1"],"Accept":["*/*"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000098968,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.recyclingmonitor.de/"],"Content-Type":[]}}
{"level":"info","ts":1782096085.2802215,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"2a04:c300:400::1e0","remote_port":"37602","client_ip":"2a04:c300:400::1e0","proto":"HTTP/1.1","method":"GET","host":"status.recyclingmonitor.de","uri":"/appsettings.Production.json","headers":{"
...
show less
crowdsecurity/http-probing - Ip 2a04:c300:400::1e0 performed 'crowdsecurity/http-probing' (11 events ...
show morecrowdsecurity/http-probing - Ip 2a04:c300:400::1e0 performed 'crowdsecurity/http-probing' (11 events over 1.645590391s) at 2026-06-21 23:38:18.548426712 +0000 UTC
show less
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show moreAuto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-20.
show less
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show moreTriggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env.production.old
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
(modsecurity) srv103 ModSecurity 2a04:c300:400::1e0 (DE/Germany/-): 10 in the last 3600 secs; Ports: ...
show more(modsecurity) srv103 ModSecurity 2a04:c300:400::1e0 (DE/Germany/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
Showing 1 to
15
of 54 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ