JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a04:c300:400::1fc

2a04:c300:400::1fc was found in our database!

This IP was reported 9 times. Confidence of Abuse is 38%: ?

38%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS22295
Domain Name	advinservers.com
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a04:c300:400::1fc

Whois 2a04:c300:400::1fc

IP Abuse Reports for 2a04:c300:400::1fc:

This IP address has been reported a total of 9 times from 5 distinct sources. 2a04:c300:400::1fc was first reported on June 14th 2026, and the most recent report was 5 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 e.fierstra	2026-06-14 12:38:21 (5 minutes ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 12:22:04 (21 minutes ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:21:57.808625 2026] [security2:error] [pid 26208:tid 26208] [client 2a04:c300:400::1fc:46910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jerrylogoluso.com"] [uri "/laravel/.env"] [unique_id "ai6c5ZrLy1CkbpYMvLGEGwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 12:06:34 (36 minutes ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:06:29.643098 2026] [security2:error] [pid 15681:tid 15692] [client 2a04:c300:400::1fc:65050] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.fastestcopyright.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.fastestcopyright.com"] [uri "/wp-content/debug.log"] [unique_id "ai6ZRdcv_Og2yx_IN-VrDwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-14 11:36:03 (1 hour ago)	340 requests with url.path *credentials.json	Brute-Force Bad Web Bot
🇩🇪 NewWavesApp	2026-06-14 10:53:30 (1 hour ago)	(mod_security) mod_security triggered on hostname [redacted] 2a04:c300:400::1fc (Unknown): (CF_ENAB ... show more (mod_security) mod_security triggered on hostname [redacted] 2a04:c300:400::1fc (Unknown): (CF_ENABLE) show less	SQL Injection
🇺🇸 TPI-Abuse	2026-06-14 10:45:46 (1 hour ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:45:39.831282 2026] [security2:error] [pid 19194:tid 19194] [client 2a04:c300:400::1fc:11306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.familyfuntennis.com"] [uri "/.env"] [unique_id "ai6GU_r2aE5_AHgNQ483uwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-14 10:05:03 (2 hours ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 10:04:53 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:04:45.546455 2026] [security2:error] [pid 24774:tid 24774] [client 2a04:c300:400::1fc:29866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jbaybru.jbaydeliveries.com"] [uri "/.env.local"] [unique_id "ai58veYDj-RkXO8ePRy9LgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 09:43:26 (3 hours ago)	(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1fc (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 05:43:20.531662 2026] [security2:error] [pid 29907:tid 29907] [client 2a04:c300:400::1fc:43680] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.pakistanvision.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.pakistanvision.com"] [uri "/wp-content/debug.log"] [unique_id "ai53uGF7yKG4hu2ZRbBq_wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.191.157.64

🇺🇸 23.128.248.174

🇨🇳 218.78.131.154

🇻🇪 190.120.254.5

🇦🇷 181.167.106.40

🇮🇩 103.164.57.37

🇵🇰 103.134.0.7

🇩🇪 69.5.169.94

🇨🇱 64.137.37.15

🇨🇳 39.105.217.27

🇺🇸 34.125.244.43

🇫🇮 34.88.170.27

🇺🇸 17.132.72.4

🇷🇴 2.57.122.177

🇭🇺 194.180.16.42

🇺🇸 165.154.163.110

🇺🇸 147.182.241.81

🇺🇸 134.33.68.249

🇻🇳 103.75.183.232

🇭🇰 101.36.111.38