JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a10:c800:1:9cc6::1

2a10:c800:1:9cc6::1 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 5%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	ServerAstra Kft.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS56322
Domain Name	serverastra.com
Country	🇭🇺 Hungary
City	Budapest, Budapest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a10:c800:1:9cc6::1

Whois 2a10:c800:1:9cc6::1

IP Abuse Reports for 2a10:c800:1:9cc6::1:

This IP address has been reported a total of 53 times from 8 distinct sources. 2a10:c800:1:9cc6::1 was first reported on March 21st 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-28 05:36:46 (10 hours ago)	Blocked by UFW (TCP on 50968) Source port: 443 Packet length: 96 This report (for 2a10:c800:0001:9c ... show more Blocked by UFW (TCP on 50968) Source port: 443 Packet length: 96 This report (for 2a10:c800:0001:9cc6:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:05:29 (2 months ago)	2026-04-26 08:01:06,061 fail2ban.actions [7718]: NOTICE [tor] Ban 2a10:c800:1:9cc6::1 2026-0 ... show more 2026-04-26 08:01:06,061 fail2ban.actions [7718]: NOTICE [tor] Ban 2a10:c800:1:9cc6::1 2026-04-26 12:01:49,568 fail2ban.actions [7718]: NOTICE [tor] Ban 2a10:c800:1:9cc6::1 2026-04-26 18:01:47,128 fail2ban.actions [7718]: NOTICE [tor] Ban 2a10:c800:1:9cc6::1 2026-04-26 21:01:46,464 fail2ban.actions [7718]: NOTICE [tor] Ban 2a10:c800:1:9cc6::1 2026-04-27 00:05:28,090 fail2ban.actions [7718]: NOTICE [tor] Ban 2a10:c800:1:9cc6::1 show less	Brute-Force
🇮🇹 VHosting	2026-03-26 20:41:30 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-10 04:52:27 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:52:21.194438 2026] [security2:error] [pid 18596:tid 18596] [client 2a10:c800:1:9cc6::1:15465] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lkabookkeeping.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lkabookkeeping.com"] [uri "/g_wp1.sql"] [unique_id "aa-jhcyWAt0NMHAczQbuDgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 03:52:22 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 06 22:52:09.675141 2026] [security2:error] [pid 17757:tid 17757] [client 2a10:c800:1:9cc6::1:47869] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pattenden.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pattenden.com"] [uri "/patten.sql"] [unique_id "aV3YaSo7uYckDOMDjfWsnQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-31 12:29:41 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 31 07:29:31.116848 2025] [security2:error] [pid 21990:tid 21990] [client 2a10:c800:1:9cc6::1:37491] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|boardinjapan.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boardinjapan.com"] [uri "/apan_com.sql"] [unique_id "aVUXK0FiDt-wYVZhfMGnKwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 21:55:15 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 16:55:07.749020 2025] [security2:error] [pid 3673:tid 3673] [client 2a10:c800:1:9cc6::1:4551] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pschitchat.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pschitchat.com"] [uri "/chat_com.sql"] [unique_id "aVGnO5rWP-9Sb46r6TBBDgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-25 06:43:58 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 01:43:50.437159 2025] [security2:error] [pid 17922:tid 17922] [client 2a10:c800:1:9cc6::1:25219] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|chezlubacov.xyz\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chezlubacov.xyz"] [uri "/latest.sql"] [unique_id "aUzdJs07D-nd-AuS-JcHJwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-14 21:23:25 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 14 16:23:10.845371 2025] [security2:error] [pid 19331:tid 19331] [client 2a10:c800:1:9cc6::1:9225] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nekstlevel.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nekstlevel.com"] [uri "/back.sql"] [unique_id "aT8qvtiR5CA_dObn86iMCwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 21:12:37 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 16:12:29.286585 2025] [security2:error] [pid 4927:tid 4927] [client 2a10:c800:1:9cc6::1:20151] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|americanvaluesbooks.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "americanvaluesbooks.com"] [uri "/esbooks_com.sql"] [unique_id "aTniPbAOqtKhOtN8rb5KKAAAAC8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 14:37:20 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 09:37:10.749881 2025] [security2:error] [pid 23452:tid 23452] [client 2a10:c800:1:9cc6::1:26731] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|circleofsound.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "circleofsound.org"] [uri "/circl.sql"] [unique_id "aTg0FjLr72OmwwrVfzce-wAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:10:34 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:10:23.877510 2025] [security2:error] [pid 17163:tid 17163] [client 2a10:c800:1:9cc6::1:43231] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|soonerstone.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "soonerstone.com"] [uri "/.sql"] [unique_id "aTVur1u0oK3KYUO_WnaHBwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 10:39:10 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 05:39:01.432642 2025] [security2:error] [pid 7837:tid 7837] [client 2a10:c800:1:9cc6::1:59203] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|baliaccommodationpadangpadang.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "baliaccommodationpadangpadang.com"] [uri "/ng_com.sql"] [unique_id "aTVZRSGca28cOB1JAmUDZwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 23:22:19 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 18:22:07.626098 2025] [security2:error] [pid 11780:tid 11780] [client 2a10:c800:1:9cc6::1:23237] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|415test.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "415test.com"] [uri "/t_com.sql"] [unique_id "aTS6n_HTTROxbNpC36ErXQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 22:25:01 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a10:c800:1:9cc6::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 17:24:49.915814 2025] [security2:error] [pid 1623:tid 1628] [client 2a10:c800:1:9cc6::1:9583] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|hoffmanandassoc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hoffmanandassoc.com"] [uri "/hoffmanandas.sql"] [unique_id "aTNbsbJgyIDjeVEvR9KaNwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.66

🇱🇹 45.227.254.170

🇨🇳 222.212.83.51

🇳🇱 195.178.110.30

🇺🇸 162.216.149.71

🇫🇷 85.217.140.44

🇱🇻 81.30.98.49

🇺🇸 66.132.172.102

🇮🇶 62.201.239.145

🇺🇸 52.20.28.25

🇩🇪 47.245.142.112

🇺🇸 207.90.244.18

🇹🇭 202.29.230.5

🇧🇷 200.155.66.2

🇳🇱 195.178.110.199

🇧🇷 149.102.92.37

🇫🇮 147.185.133.73

🇰🇷 112.216.129.27

🇧🇬 79.124.56.238

🇳🇱 77.83.39.27