JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a03:e600:100::13

2a03:e600:100::13 was found in our database!

This IP was reported 73 times. Confidence of Abuse is 34%: ?

34%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Foundation for Applied Privacy
Usage Type	University/College/School
ASN	AS208323
Hostname(s)	tor-exit-anonymizer-v6.appliedprivacy.net
Domain Name	appliedprivacy.net
Country	🇦🇹 Austria
City	Vienna, State of Vienna

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a03:e600:100::13

Whois 2a03:e600:100::13

IP Abuse Reports for 2a03:e600:100::13:

This IP address has been reported a total of 73 times from 12 distinct sources. 2a03:e600:100::13 was first reported on December 25th 2025, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 10:53:47 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210492) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:53:40.796732 2026] [security2:error] [pid 31950:tid 31950] [client 2a03:e600:100::13:59320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.accpp.link"] [uri "/.git/config"] [unique_id "ajErNBIomnL4T6sNm1ixqAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 22:35:51 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210492) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:35:43.891913 2026] [security2:error] [pid 32124:tid 32124] [client 2a03:e600:100::13:47506] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.heathdiesel.com"] [uri "/.git/config"] [unique_id "ais4P-sOmeC5JyxZeaaQZgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Savvii	2026-06-10 08:29:28 (6 days ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-09 23:22:32 (1 week ago)	[WedJun1001:22:30.6922612026][security2:error][pid3661305:tid3661423][client2a03:e600:100::13:0]ModS ... show more [WedJun1001:22:30.6922612026][security2:error][pid3661305:tid3661423][client2a03:e600:100::13:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ipv6.gpwealth.ch\"][uri\"/\"][unique_id\"aiigNgONYeLFEV9T6ROlvwAAAM4\"] show less	Port Scan Brute-Force Web App Attack
🇨🇦 1gz	2026-05-30 09:53:56 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-08 05:53:15 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 01:53:08.485778 2026] [security2:error] [pid 1600:tid 1600] [client 2a03:e600:100::13:43488] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|fishleadership.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fishleadership.org"] [uri "/weekly.sql"] [unique_id "af16RHXoFp4vgtbK0I1pywAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-04-27 10:02:11 (1 month ago)	WordPress config file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 21:59:11 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 17:58:59.469539 2026] [security2:error] [pid 22842:tid 22842] [client 2a03:e600:100::13:50842] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|theseventhcongregationofladderdayvixens.org\|F\|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "theseventhcongregationofladderdayvixens.org"] [uri "/wp-config.cfg"] [unique_id "ae6Ko1S_OEU-idyryEmmewAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:03:55 (1 month ago)	2026-04-26 08:00:47,404 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:e600:100::13 2026-04- ... show more 2026-04-26 08:00:47,404 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:e600:100::13 2026-04-26 12:01:37,852 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:e600:100::13 2026-04-26 18:01:35,489 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:e600:100::13 2026-04-26 21:01:32,984 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:e600:100::13 2026-04-27 00:03:54,131 fail2ban.actions [7718]: NOTICE [tor] Ban 2a03:e600:100::13 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 12:48:20 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210492) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 08:48:16.310093 2026] [security2:error] [pid 6982:tid 6982] [client 2a03:e600:100::13:59208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kavahawaii.com"] [uri "/wp-config.php~~~~"] [unique_id "ae4JkMNyEUAfBd2ZB4RmGwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-22 20:18:03 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 22 16:17:56.970965 2026] [security2:error] [pid 1753909:tid 1753909] [client 2a03:e600:100::13:49104] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|nuewines.com\|F\|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nuewines.com"] [uri "/config.backup"] [unique_id "aeks9HXYsjHaUcg2Jq39xwAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 claude CALVET	2026-04-17 13:32:50 (1 month ago)	gew-Joomla User : try to access forms...	Hacking
🇨🇭 4server	2026-04-17 06:30:01 (1 month ago)	[FriApr1708:29:56.8182432026][security2:error][pid733800:tid734080][client2a03:e600:100::13:0]ModSec ... show more [FriApr1708:29:56.8182432026][security2:error][pid733800:tid734080][client2a03:e600:100::13:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"381\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"www.support-ticino.ch\"][uri\"/wp-content/plugins/wp-fastest-cache-premium/readme.txt\"][unique_id\"aeHTZLNlj1GEB_LnsoJO7wAAAMA\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 03:46:43 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appli ... show more (mod_security) mod_security (id:210730) triggered by 2a03:e600:100::13 (tor-exit-anonymizer-v6.appliedprivacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 23:46:38.307788 2026] [security2:error] [pid 348745:tid 348745] [client 2a03:e600:100::13:58150] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcoinbtcshop.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinbtcshop.com"] [uri "/bb-config.php.bak"] [unique_id "aeGtHslFcr4rEQek6J-yMAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-04-13 20:57:30 (2 months ago)	[MonApr1322:57:24.5048752026][security2:error][pid4025359:tid4025365][client2a03:e600:100::13:0]ModS ... show more [MonApr1322:57:24.5048752026][security2:error][pid4025359:tid4025365][client2a03:e600:100::13:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"359\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"comarcosa.com\"][uri\"/wp-content/plugins/\*\\\\\"\,\\\\\"/readme.txt\"][unique_id\"ad1YtL-UZzgdRy7Ye_kXZgAAAQE\"] show less	Hacking Web App Attack

Showing 1 to 15 of 73 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.57

🇨🇦 51.222.96.124

🇬🇧 35.203.211.102

🇬🇧 2a06:4880:8000::a4

🇬🇧 193.163.125.159

🇺🇸 172.208.158.198

🇯🇵 160.251.182.78

🇨🇳 124.89.119.7

🇨🇳 121.229.156.12

🇨🇳 118.196.92.141

🇨🇳 116.237.181.57

🇨🇳 112.194.142.167

🇮🇳 103.176.170.206

🇺🇸 98.169.173.45

🇫🇷 92.222.108.96

🇦🇪 92.97.23.41

🇫🇷 90.25.212.85

🇩🇪 89.1.208.19

🇺🇸 35.188.250.48

🇺🇸 20.106.198.160