JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a01:270:9847::1

2a01:270:9847::1 was found in our database!

This IP was reported 115 times. Confidence of Abuse is 22%: ?

22%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	ATW Internet Kft.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41075
Hostname(s)	torexitspeakfreely.com
Domain Name	atw.hu
Country	🇭🇺 Hungary
City	Budapest, Budapest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a01:270:9847::1

Whois 2a01:270:9847::1

IP Abuse Reports for 2a01:270:9847::1:

This IP address has been reported a total of 115 times from 17 distinct sources. 2a01:270:9847::1 was first reported on March 1st 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 14:12:33 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 10:12:23.005793 2026] [security2:error] [pid 15276:tid 15276] [client 2a01:270:9847::1:43007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.teamwakimphotography.com"] [uri "/.git/config"] [unique_id "ajAIR6LcQu5xSBozRNTfPwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 12:28:06 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:28:01.739759 2026] [security2:error] [pid 24575:tid 24575] [client 2a01:270:9847::1:52197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.lalalana.mx"] [uri "/.git/config"] [unique_id "aiVj0eD4lFtprkIq94vw7AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 17:08:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 13:08:42.669270 2026] [security2:error] [pid 30962:tid 30962] [client 2a01:270:9847::1:33542] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.pointillistic.com"] [uri "/.git/config"] [unique_id "aiMCmjEPcCy6F2BkarmSrAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 11:10:02 (2 weeks ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-05-22 19:22:57 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 15:22:53.028803 2026] [security2:error] [pid 1085:tid 1085] [client 2a01:270:9847::1:44623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.koeckeritz.com"] [uri "/.git/config"] [unique_id "ahCtDQ5AQO4VMKowuFAv1QAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-15 07:42:48 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 36743 Packet length: 80 This report (for 2a01:0270:9847:0 ... show more Blocked by UFW (TCP on 8333) Source port: 36743 Packet length: 80 This report (for 2a01:0270:9847:0000:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-04-30 15:36:24 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 29000 Packet length: 80 This report (for 2a01:0270:9847:0 ... show more Blocked by UFW (TCP on 8333) Source port: 29000 Packet length: 80 This report (for 2a01:0270:9847:0000:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:03:18 (1 month ago)	2026-04-26 08:00:42,888 fail2ban.actions [7718]: NOTICE [tor] Ban 2a01:270:9847::1 2026-04-2 ... show more 2026-04-26 08:00:42,888 fail2ban.actions [7718]: NOTICE [tor] Ban 2a01:270:9847::1 2026-04-26 12:01:35,078 fail2ban.actions [7718]: NOTICE [tor] Ban 2a01:270:9847::1 2026-04-26 18:01:32,781 fail2ban.actions [7718]: NOTICE [tor] Ban 2a01:270:9847::1 2026-04-26 21:01:30,224 fail2ban.actions [7718]: NOTICE [tor] Ban 2a01:270:9847::1 2026-04-27 00:03:16,762 fail2ban.actions [7718]: NOTICE [tor] Ban 2a01:270:9847::1 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 20:24:12 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 16:24:04.732808 2026] [security2:error] [pid 8646:tid 8646] [client 2a01:270:9847::1:24876] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|internetnameregistration.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "internetnameregistration.com"] [uri "/bck.sql"] [unique_id "ae50ZGch5T17bnC8loW6yAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 03:45:58 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 23:45:53.412943 2026] [security2:error] [pid 1297303:tid 1297303] [client 2a01:270:9847::1:20551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulsingdahlsen.com"] [uri "/wp-config.php~~~"] [unique_id "adsVcTypDGUsUdgh_C5yNwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 21:23:40 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-15 15:54:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 11:54:06.269920 2026] [security2:error] [pid 19508:tid 19508] [client 2a01:270:9847::1:37198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fishtales.jbaydeliveries.com"] [uri "/.git/config"] [unique_id "abbWHhg1XAxxdx9EF59dwgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 04:52:15 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:52:06.716966 2026] [security2:error] [pid 16662:tid 16662] [client 2a01:270:9847::1:56118] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lkabookkeeping.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lkabookkeeping.com"] [uri "/db_abookkeeping.sql"] [unique_id "aa-jdqj5FmlHKZKF9hUX_AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 13:28:12 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 2a01:270:9847::1 (torexitspeakfreely.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 08:28:05.349092 2026] [security2:error] [pid 23591:tid 23591] [client 2a01:270:9847::1:58372] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|aboutagingparents.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aboutagingparents.com"] [uri "/utagingparents_wp1.sql"] [unique_id "aamE5UaAibfDzvWaZHAEtAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-02-15 15:56:38 (4 months ago)	Blocked by UFW (TCP on 9999) Source port: 27215 Packet length: 80 This report (for 2a01:0270:9847:0 ... show more Blocked by UFW (TCP on 9999) Source port: 27215 Packet length: 80 This report (for 2a01:0270:9847:0000:0000:0000:0000:0001) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Ping of Death Port Scan

Showing 1 to 15 of 115 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 168.119.75.56

🇭🇰 156.245.239.180

🇺🇸 66.132.186.250

🇨🇦 20.104.203.253

🇻🇳 14.165.5.251

🇧🇷 205.210.31.234

🇳🇱 188.166.99.30

🇳🇱 176.65.139.215

🇮🇷 151.234.202.234

🇨🇳 124.117.194.235

🇰🇪 102.68.86.49

🇳🇱 91.92.40.5

🇰🇷 59.8.2.70

🇨🇳 58.221.146.170

🇸🇬 47.237.20.150

🇺🇸 18.189.74.1

🇺🇸 137.184.228.25

🇷🇺 109.252.144.175

🇷🇺 95.79.38.84

🇫🇷 51.68.34.131