JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a07:e03:2a::bcde

2a07:e03:2a::bcde was found in our database!

This IP was reported 69 times. Confidence of Abuse is 15%: ?

15%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Privex Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210083
Hostname(s)	tor-exit-nl1.privex.cc
Domain Name	privex.io
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a07:e03:2a::bcde

Whois 2a07:e03:2a::bcde

IP Abuse Reports for 2a07:e03:2a::bcde:

This IP address has been reported a total of 69 times from 15 distinct sources. 2a07:e03:2a::bcde was first reported on September 27th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Savvii	2026-06-10 08:39:48 (1 week ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-04 09:29:11 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 34388 Packet length: 80 This report (for 2a07:0e03:002a:0 ... show more Blocked by UFW (TCP on 8333) Source port: 34388 Packet length: 80 This report (for 2a07:0e03:002a:0000:0000:0000:0000:bcde) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:04:11 (1 month ago)	2026-04-26 08:00:50,031 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e03:2a::bcde 2026-04- ... show more 2026-04-26 08:00:50,031 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e03:2a::bcde 2026-04-26 12:01:39,520 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e03:2a::bcde 2026-04-26 18:01:37,138 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e03:2a::bcde 2026-04-26 21:01:36,387 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e03:2a::bcde 2026-04-27 00:04:10,353 fail2ban.actions [7718]: NOTICE [tor] Ban 2a07:e03:2a::bcde show less	Brute-Force
🇨🇭 4server	2026-04-16 21:03:18 (2 months ago)	[ThuApr1623:03:15.0822252026][security2:error][pid2837911:tid2837918][client2a07:e03:2a::bcde:0]ModS ... show more [ThuApr1623:03:15.0822252026][security2:error][pid2837911:tid2837918][client2a07:e03:2a::bcde:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"381\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"www.annunci-ticino.ch\"][uri\"/wp-content/plugins/\*\\\\\"\,\\\\\"/readme.txt\"][unique_id\"aeFOk8YM3neZi9m_1jTShwAAAEU\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-11 21:39:24 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 17:39:17.359097 2026] [security2:error] [pid 4097068:tid 4097068] [client 2a07:e03:2a::bcde:37822] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "telecompros.net"] [uri "/wp-config.php.us"] [unique_id "adq_hTbDlbq2xwtF-8btCwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 20:43:55 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-24 05:39:49 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 00:39:43.219903 2026] [security2:error] [pid 24681:tid 24681] [client 2a07:e03:2a::bcde:49606] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|haroparke.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haroparke.com"] [uri "/dbroparke.sql"] [unique_id "aZ05n5vi0piuUYUcv7IZ_QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-01-30 23:02:33 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-29. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-01-25 21:42:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 16:42:08.748805 2026] [security2:error] [pid 11330:tid 11330] [client 2a07:e03:2a::bcde:42940] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.westoaksurgentcare.com"] [uri "/.git/config"] [unique_id "aXaOMAX_NyrmvNKb1yCULAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-31 02:19:19 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 21:19:13.318746 2025] [security2:error] [pid 6772:tid 6772] [client 2a07:e03:2a::bcde:42832] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|microkerneltechnologies.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "microkerneltechnologies.com"] [uri "/backupwp.sql"] [unique_id "aVSIIcHfAbaC5NQ9_MPJqAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-20 12:03:21 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 20 07:03:17.260627 2025] [security2:error] [pid 640:tid 640] [client 2a07:e03:2a::bcde:41332] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|handankoc.net\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "handankoc.net"] [uri "/dankoc_com.sql"] [unique_id "aUaQhexdwm26zKcEOQ2RgQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-13 18:52:31 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 13 13:52:24.961431 2025] [security2:error] [pid 18051:tid 18080] [client 2a07:e03:2a::bcde:58270] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pilargarciamanzanares.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pilargarciamanzanares.com"] [uri "/pilargar.sql"] [unique_id "aT216KVzrWSHIPCRbAOTiwAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-12 19:41:16 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 12 14:41:03.264560 2025] [security2:error] [pid 21262:tid 21262] [client 2a07:e03:2a::bcde:58842] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|lowkeytiki.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lowkeytiki.com"] [uri "/lowkeyti.sql"] [unique_id "aTxvz7CTPU-rk2sCCll49wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-12 11:02:55 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 12 06:02:47.365692 2025] [security2:error] [pid 30701:tid 30701] [client 2a07:e03:2a::bcde:47416] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kildarafarms.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kildarafarms.com"] [uri "/kildarafarms_com.sql"] [unique_id "aTv2V3xNYFY-38zBtPsvXQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-12 04:46:22 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 i ... show more (mod_security) mod_security (id:210730) triggered by 2a07:e03:2a::bcde (tor-exit-nl1.privex.cc): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 23:46:14.058387 2025] [security2:error] [pid 23982:tid 23982] [client 2a07:e03:2a::bcde:54414] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|neconebooks.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "neconebooks.com"] [uri "/onebooks_com.sql"] [unique_id "aTueFtAMpkzVPqVPCheFUQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.158

🇳🇱 193.39.208.26

🇺🇸 178.95.106.41

🇨🇳 120.236.178.243

🇵🇭 120.28.109.188

🇺🇸 64.62.197.62

🇺🇸 15.218.135.58

🇮🇷 5.250.122.28

🇧🇷 200.193.247.183

🇧🇪 198.235.24.198

🇺🇸 168.100.149.93

🇬🇧 64.137.93.228

🇺🇸 38.148.249.2

🇧🇪 34.140.194.146

🇧🇪 34.38.195.167

🇨🇳 8.141.118.211

🇬🇧 5.226.140.78

🇷🇴 193.46.255.86

🇲🇽 189.206.189.150

🇫🇷 176.31.139.22