JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a04:c300:400::1f3

2a04:c300:400::1f3 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 62%: ?

62%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a04:c300:400::1f3

Whois 2a04:c300:400::1f3

IP Abuse Reports for 2a04:c300:400::1f3:

This IP address has been reported a total of 31 times from 10 distinct sources. 2a04:c300:400::1f3 was first reported on June 15th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 11:25:08 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:25:03.569391 2026] [security2:error] [pid 2967:tid 2967] [client 2a04:c300:400::1f3:10620] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ilil.net.caonabo.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ilil.net.caonabo.com"] [uri "/wp-content/debug.log"] [unique_id "ajKEDxkGeP7foXp49_YlpAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 08:54:17 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 04:54:12.159550 2026] [security2:error] [pid 22715:tid 22715] [client 2a04:c300:400::1f3:27652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.goalsnet.net"] [uri "/.env"] [unique_id "ajJgtGcvc1JOGTdhCXV0AQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-17 08:15:05 (3 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 xmission.com	2026-06-17 05:35:46 (3 days ago)	Blocked by UFW (TCP on 80) Source port: 45118 Packet length: 80 This report (for 2a04:c300:0400:000 ... show more Blocked by UFW (TCP on 80) Source port: 45118 Packet length: 80 This report (for 2a04:c300:0400:0000:0000:0000:0000:01f3) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 02:55:53 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 22:55:46.958918 2026] [security2:error] [pid 28041:tid 28041] [client 2a04:c300:400::1f3:49778] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ipv6.dubb.productions\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.dubb.productions"] [uri "/wp-content/debug.log"] [unique_id "ajIMslY8J5KxM7L_KtXMGgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:11:05 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:10:59.751669 2026] [security2:error] [pid 4743:tid 4743] [client 2a04:c300:400::1f3:57330] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ipv6.enselme.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.enselme.com"] [uri "/wp-content/debug.log"] [unique_id "ajHmE-GPxjSryjsa4bMDuAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 22:43:03 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 18:42:57.760003 2026] [security2:error] [pid 20656:tid 20656] [client 2a04:c300:400::1f3:59326] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ipv6.emgeorge.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.emgeorge.com"] [uri "/wp-content/debug.log"] [unique_id "ajHRcYCUXiZSC6A2GG0BUwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 21:46:54 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:46:48.770956 2026] [security2:error] [pid 2976:tid 2976] [client 2a04:c300:400::1f3:6190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dc406.net"] [uri "/.env"] [unique_id "ajHESDlK5IXcNg0XMZ8HogAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 20:18:43 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:18:36.155661 2026] [security2:error] [pid 30444:tid 30444] [client 2a04:c300:400::1f3:44108] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|garyrankin.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "garyrankin.com"] [uri "/wp-content/debug.log"] [unique_id "ajGvnJP3iTDk-lVt9H0PhAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 19:23:19 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 15:23:14.052014 2026] [security2:error] [pid 25568:tid 25568] [client 2a04:c300:400::1f3:38488] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ipv6.pyxelstudios.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.pyxelstudios.com"] [uri "/wp-content/debug.log"] [unique_id "ajGioplQzgbhLx7aXxjlugAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 18:39:50 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:39:45.754358 2026] [security2:error] [pid 1752:tid 1752] [client 2a04:c300:400::1f3:49204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trigonom.com"] [uri "/.env"] [unique_id "ajGYcRa8R5ioXnEs7hOtqgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 17:05:47 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 13:05:41.161379 2026] [security2:error] [pid 19460:tid 19460] [client 2a04:c300:400::1f3:24182] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.firingsquadfilms.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.firingsquadfilms.com"] [uri "/wp-content/debug.log"] [unique_id "ajGCZUY7n_VXVByCYWWQuQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 13:19:16 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 09:19:12.758836 2026] [security2:error] [pid 17396:tid 17396] [client 2a04:c300:400::1f3:33546] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|sprek.net\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sprek.net"] [uri "/wp-content/debug.log"] [unique_id "ajFNUGE2Pax-RI4N-OjoGAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 12:56:31 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 08:56:24.659350 2026] [security2:error] [pid 27503:tid 27503] [client 2a04:c300:400::1f3:60246] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jsanchorfarms.com.daisydoesoap.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jsanchorfarms.com.daisydoesoap.com"] [uri "/wp-content/debug.log"] [unique_id "ajFH-PCwgbzUEmBsqD772QAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 12:20:30 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1f3 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 08:20:24.252800 2026] [security2:error] [pid 19860:tid 19860] [client 2a04:c300:400::1f3:47136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keeftone.tech-servusa.com"] [uri "/app/.env"] [unique_id "ajE_iLglVdYhD_7b44IvbwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.232.114.71

🇧🇷 177.200.44.29

🇵🇪 161.132.50.236

🇯🇵 152.32.147.106

🇫🇮 147.185.133.240

🇩🇪 130.12.180.15

🇨🇳 123.160.173.84

🇻🇳 103.82.20.108

🇳🇱 93.123.72.183

🇷🇺 83.171.89.209

🇳🇱 77.83.39.42

🇳🇱 45.148.10.152

🇨🇲 41.204.82.238

🇨🇳 221.12.37.6

🇰🇷 218.157.163.203

🇺🇸 207.46.13.150

🇬🇧 193.163.125.74

🇨🇳 183.224.79.111

🇷🇺 95.108.213.145

🇮🇹 93.92.73.193