JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a04:c300:400::1e6

2a04:c300:400::1e6 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 50%: ?

50%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a04:c300:400::1e6

Whois 2a04:c300:400::1e6

IP Abuse Reports for 2a04:c300:400::1e6:

This IP address has been reported a total of 15 times from 7 distinct sources. 2a04:c300:400::1e6 was first reported on June 17th 2026, and the most recent report was 8 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 20:23:47 (8 minutes ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 16:23:41.035428 2026] [security2:error] [pid 8828:tid 8828] [client 2a04:c300:400::1e6:15516] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.puckerbikinis.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.puckerbikinis.com"] [uri "/wp-content/debug.log"] [unique_id "ajMCTRpewduJxowlV80rNAAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 19:24:26 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 15:24:20.884303 2026] [security2:error] [pid 23367:tid 23367] [client 2a04:c300:400::1e6:58784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bentechconstruction.com"] [uri "/.env"] [unique_id "ajL0ZAPpnukW8-qTNx9RkgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-17 18:43:33 (1 hour ago)	(modsecurity) srv102 ModSecurity 2a04:c300:400::1e6 (DE/Germany/-): 10 in the last 3600 secs; Ports: ... show more (modsecurity) srv102 ModSecurity 2a04:c300:400::1e6 (DE/Germany/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 updown.io	2026-06-17 18:09:49 (2 hours ago)	{"level":"info","ts":1781716544.0572085,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1781716544.0572085,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"2a04:c300:400::1e6","remote_port":"57816","client_ip":"2a04:c300:400::1e6","proto":"HTTP/1.1","method":"GET","host":"status.apifreaks.com","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Firefox/150.0"],"Accept":["/"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000105131,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://status.apifreaks.com/"],"Content-Type":[],"Server":["Caddy"]}} {"level":"info","ts":1781718592.6296675,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"2a04:c300:400::1e6","remote_port":"20344","client_ip":"2a04:c300:400::1e6","proto":"HTTP/1.1","method":"GET","host":"cf76.status.updown.io","uri":"/","headers":{"Accept":["/"],"Accept-Encoding":["gzip"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Ap ... show less	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 18:00:18 (2 hours ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:00:15.229649 2026] [security2:error] [pid 5467:tid 5467] [client 2a04:c300:400::1e6:23712] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|checkmyhomevalueca.kunzteam.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "checkmyhomevalueca.kunzteam.com"] [uri "/wp-content/debug.log"] [unique_id "ajLgrwT2X1c0L5AkfdPT3gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 17:52:43 (2 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 2a04:c300:400::1e6 (Unknown)	SQL Injection
🇺🇸 TPI-Abuse	2026-06-17 17:42:15 (2 hours ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:42:07.908995 2026] [security2:error] [pid 10241:tid 10241] [client 2a04:c300:400::1e6:50894] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ourcritterguy.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ourcritterguy.com"] [uri "/wp-content/debug.log"] [unique_id "ajLcb2rPDfocnLKQrg4FtAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 17:25:45 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:25:42.718777 2026] [security2:error] [pid 19851:tid 19872] [client 2a04:c300:400::1e6:63226] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.saskiarose.com"] [uri "/public/.env"] [unique_id "ajLYlt1Qk1PcsDdLO_mf0wAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 17:01:18 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 13:01:14.329487 2026] [security2:error] [pid 3699:tid 3699] [client 2a04:c300:400::1e6:61586] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.sabecocont.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.sabecocont.com"] [uri "/wp-content/debug.log"] [unique_id "ajLS2gTLmfrVBTJW-a4tmQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 konseptit	2026-06-17 16:48:34 (3 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 2a04:c300:400::1e6 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-06-17 16:36:54 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 12:36:50.565670 2026] [security2:error] [pid 11930:tid 11930] [client 2a04:c300:400::1e6:13224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ipv6.catking.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.catking.net"] [uri "/wp-content/debug.log"] [unique_id "ajLNIgshn8FgQ9ZW3NzIMgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 16:20:07 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 12:20:00.665511 2026] [security2:error] [pid 21937:tid 21961] [client 2a04:c300:400::1e6:22868] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.fayleuzzi.com"] [uri "/.env"] [unique_id "ajLJMHGdDQHbQNDDuM1bqAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-17 15:56:51 (4 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 15:49:07 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1e6 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 11:49:03.973022 2026] [security2:error] [pid 29965:tid 29965] [client 2a04:c300:400::1e6:35972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.digitalracemedia.com"] [uri "/.env"] [unique_id "ajLB7_iqRF7I-CXa91pSwwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-17 15:30:08 (5 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.240.236.116

🇨🇳 221.229.220.180

🇧🇷 205.210.31.223

🇳🇱 178.16.53.13

🇨🇳 175.42.175.41

🇸🇬 129.226.95.93

🇧🇷 45.232.73.84

🇺🇸 23.234.104.176

🇺🇸 23.234.104.120

🇺🇸 216.25.89.71

🇰🇷 211.221.196.103

🇰🇷 106.240.29.98

🇺🇸 98.90.43.197

🇲🇩 80.245.93.133

🇺🇸 23.234.103.47

🇨🇦 20.104.248.142

🇩🇪 8.211.34.206

🇨🇳 220.154.133.166

🇨🇳 218.94.25.243

🇭🇰 199.45.154.153