JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a10:3c0:3:0:1:28:0:5

2a10:3c0:3:0:1:28:0:5 was found in our database!

This IP was reported 108 times. Confidence of Abuse is 57%: ?

57%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	ICG-V6-ZEN-AMS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21859
Hostname(s)	zl-amsc-nl-gp1-wk128e.internet-census.org
Domain Name	nsec.pt
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a10:3c0:3:0:1:28:0:5

Whois 2a10:3c0:3:0:1:28:0:5

IP Abuse Reports for 2a10:3c0:3:0:1:28:0:5:

This IP address has been reported a total of 108 times from 42 distinct sources. 2a10:3c0:3:0:1:28:0:5 was first reported on November 10th 2025, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 geot	2026-06-03 10:50:46 (15 hours ago)	GET /sse HTTP/1.1 POST /mcp HTTP/1.1	Web App Attack
🇩🇪 4server	2026-06-02 20:15:14 (1 day ago)	[TueJun0222:15:11.3763312026][security2:error][pid633754:tid633956][client2a10:3c0:3:0:1:28:0:5:0]Mo ... show more [TueJun0222:15:11.3763312026][security2:error][pid633754:tid633956][client2a10:3c0:3:0:1:28:0:5:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"ponzellini.ch\"][uri\"/mcp\"][unique_id\"ah85z8OoNdtAkog6Su5YGQAAARE\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-06-01 14:55:13 (2 days ago)	[MonJun0116:55:08.7648392026][security2:error][pid2876030:tid2876111][client2a10:3c0:3:0:1:28:0:5:0] ... show more [MonJun0116:55:08.7648392026][security2:error][pid2876030:tid2876111][client2a10:3c0:3:0:1:28:0:5:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"brunocampagna.com\"][uri\"/mcp\"][unique_id\"ah2dTGtwpvJnclEUb_BDnAAAABY\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-05-30 03:14:40 (4 days ago)	[SatMay3005:14:34.6723192026][security2:error][pid3155770:tid3155812][client2a10:3c0:3:0:1:28:0:5:0] ... show more [SatMay3005:14:34.6723192026][security2:error][pid3155770:tid3155812][client2a10:3c0:3:0:1:28:0:5:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"studio-portale.ch\"][uri\"/mcp\"][unique_id\"ahpWGqrBjAuRa1thtw48mQAAAAs\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 geot	2026-05-27 12:21:33 (1 week ago)	GET /sse HTTP/1.1 POST /mcp HTTP/1.1	Web App Attack
🇺🇸 xmission.com	2026-05-23 16:06:07 (1 week ago)	Blocked by UFW (TCP on 443) Source port: 52998 Packet length: 80 This report (for 2a10:03c0:0003:00 ... show more Blocked by UFW (TCP on 443) Source port: 52998 Packet length: 80 This report (for 2a10:03c0:0003:0000:0001:0028:0000:0005) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 todix	2026-05-20 05:46:29 (2 weeks ago)	Web App Attack Exploid from 2a10:3c0:3:0:1:28:0:5	Web App Attack
🇩🇪 4server	2026-05-19 23:26:47 (2 weeks ago)	[WedMay2001:26:45.1919932026][security2:error][pid3596101:tid3596140][client2a10:3c0:3:0:1:28:0:5:0] ... show more [WedMay2001:26:45.1919932026][security2:error][pid3596101:tid3596140][client2a10:3c0:3:0:1:28:0:5:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"www.specialfood.ch\"][uri\"/mcp\"][unique_id\"agzxtVuF7iRa5Jshq0NDVwAAAEM\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 filstal.org	2026-05-19 06:30:32 (2 weeks ago)	Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels an ... show more Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels and known vulnerability paths detected by Fail2Ban show less	Hacking Brute-Force Web App Attack
🇩🇪 todix	2026-05-19 04:02:22 (2 weeks ago)	Web App Attack Exploid from 2a10:3c0:3:0:1:28:0:5	Web App Attack
🇩🇪 4server	2026-05-18 12:03:35 (2 weeks ago)	[MonMay1814:03:33.6850502026][security2:error][pid1181813:tid1181941][client2a10:3c0:3:0:1:28:0:5:0] ... show more [MonMay1814:03:33.6850502026][security2:error][pid1181813:tid1181941][client2a10:3c0:3:0:1:28:0:5:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"morgenstern-swiss.ch\"][uri\"/mcp\"][unique_id\"agsAFeI64vUCVbdXqRDeBQAAAEs\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 HandyTreff.de	2026-05-18 08:30:03 (2 weeks ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -118.882 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -118.882 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.86 Safari/537.36 show less	Web App Attack Bad Web Bot
🇨🇭 4server	2026-05-18 03:41:34 (2 weeks ago)	[MonMay1805:41:27.2586932026][security2:error][pid2385309:tid2385312][client2a10:3c0:3:0:1:28:0:5:0] ... show more [MonMay1805:41:27.2586932026][security2:error][pid2385309:tid2385312][client2a10:3c0:3:0:1:28:0:5:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bhttpx\\\\\\\\b\\|\\\\\\\\bnaabu\\\\\\\\b\\|\\\\\\\\bffuf\\\\\\\\b\\|\\\\\\\\bgobuster\\\\\\\\b\\|\\\\\\\\bferoxbuster\\\\\\\\b\\|\\\\\\\\bwfuzz\\\\\\\\b\\|\\\\\\\\bjaeles\\\\\\\\b\\|\\\\\\\\bzgrab2\?\\\\\\\\b\\|\\\\\\\\bcommix\\\\\\\\b\\|\\\\\\\\bxsstrike\\\\\\\\b\\|\\\\\\\\bkiterunner\\\\\\\\b\\|\(\?:\^\\|[/]\)katana\(\?:/\\|\\\\\\\\b\)\\|\\\\\\\\bkr/\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"70\"][id\"338800\"][rev\"2\"][msg\"Atomicorp.comWAFRules:Blockedrecon/fuzzUA\"][severity\"CRITICAL\"][hostname\"foodelivery.benvenutialfood.ch\"][uri\"/mcp\"][unique_id\"agqKZ4zR7vJRRzfv35sF1AAAAME\"] show less	Hacking Web App Attack
🇩🇪 BlueWire Hosting	2026-05-18 03:40:43 (2 weeks ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇩🇪 Isha	2026-05-17 04:01:13 (2 weeks ago)	Shield Guard: AbuseIPDB: 65% (suspect) \| Scanner: httpx/ (+70)	Web App Attack

Showing 1 to 15 of 108 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 193.3.53.11

🇸🇬 178.128.221.232

🇺🇸 108.181.2.243

🇸🇬 103.7.11.224

🇮🇹 81.57.15.243

🇺🇸 2001:470:1:fb5::218

🇺🇸 195.184.76.93

🇩🇪 194.36.25.43

🇧🇷 191.5.31.61

🇳🇱 178.16.54.237

🇧🇷 177.84.26.32

🇵🇰 103.26.83.8

🇨🇦 85.217.149.63

🇩🇪 84.141.244.204

🇩🇪 69.5.169.93

🇺🇸 65.181.127.40

🇷🇺 37.77.150.67

🇲🇾 20.17.99.111

🇺🇸 2607:f8b0:4023:1000::125

🇲🇽 206.135.55.26