AbuseIPDB » 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3
2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 was found in our database!
This IP was reported 6 times. Confidence of
Abuse
is 1% : ?
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
ISP
netcup GmbH
Usage Type
Data Center/Web Hosting/Transit
ASN
AS197540
Hostname(s)
ae8d3.netcup.net
Domain Name
netcup.de
Country
π©πͺ
Germany
City
Nuremberg, Bavaria
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 :
This IP address has been reported a total of
6
times from
1 distinct
source.
2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 was first reported on
May 30th 2026 , and the most recent report was
1 month ago .
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
πΊπΈ
TPI-Abuse
2026-06-02 11:20:24
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcu ...
show more
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcup.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:20:01.575021 2026] [security2:error] [pid 5822:tid 5822] [client 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3:49154] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nessmonsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nessmonsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah68YW0G2BvP1mj1BfFbcQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-02 08:14:28
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcu ...
show more
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcup.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 04:14:24.306555 2026] [security2:error] [pid 2008:tid 2008] [client 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3:55768] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tcomputerguy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tcomputerguy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah6Q4AAmKUc92l_XT78kZAAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 01:13:52
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcu ...
show more
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcup.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:13:38.956781 2026] [security2:error] [pid 26452:tid 26452] [client 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3:44356] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||drdot.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drdot.xyz"] [uri "/wp-json/wp/v2/users"] [unique_id "ahzcwtfBwU0g96GiJQ-G_QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-31 19:45:05
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcu ...
show more
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcup.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 15:44:58.377136 2026] [security2:error] [pid 28791:tid 28791] [client 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3:58598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sandpointidaho.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sandpointidaho.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahyPukIVfM6Ndq5ZLqnOxwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-30 09:54:55
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcu ...
show more
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcup.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 05:54:51.387899 2026] [security2:error] [pid 15353:tid 15353] [client 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3:53782] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.goodfrequencies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.goodfrequencies.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahqz6ycZNDmK7GDEcqt97AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-30 05:33:35
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcu ...
show more
(mod_security) mod_security (id:225170) triggered by 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3 (ae8d3.netcup.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 01:33:26.080243 2026] [security2:error] [pid 12149:tid 12149] [client 2a03:4000:0:3ca:a4cf:2aff:fe93:8c3:37446] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.hodlmoser.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.hodlmoser.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahp2phfnhTw70QZFBCsJMAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: