This IP was reported 139 times. Confidence of
Abuse
is 21%: ?
21%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
139
times from
20 distinct
sources.
2a0b:f4c2:4::108 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Blocked by UFW (TCP on 8333)
Source port: 16807
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 8333)
Source port: 16807
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0108) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 s ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 05:02:08.009634 2026] [security2:error] [pid 18268:tid 18268] [client 2a0b:f4c2:4::108:38391] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||customhumanrobots.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "customhumanrobots.com"] [uri "/backupdb.sql"] [unique_id "af2mkKsGfJQvhXYtneFqfQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-26 08:01:01,460 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::108
2026-04-2 ...
show more2026-04-26 08:01:01,460 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::108
2026-04-26 12:01:46,770 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::108
2026-04-26 18:01:44,361 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::108
2026-04-26 21:01:43,652 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::108
2026-04-27 00:05:01,241 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::108
show less
Blocked by UFW (TCP on 8333)
Source port: 45303
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 8333)
Source port: 45303
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0108) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Blocked by UFW (TCP on 57078)
Source port: 993
Packet length: 108
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 57078)
Source port: 993
Packet length: 108
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0108) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 s ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 00:39:18.661130 2026] [security2:error] [pid 26108:tid 26108] [client 2a0b:f4c2:4::108:38941] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||haroparke.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haroparke.com"] [uri "/wp_admin.sql"] [unique_id "aZ05hmiwbFiqiV06YEDUZQAAAAE"]
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 s ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 08:08:34.888757 2026] [security2:error] [pid 1588:tid 1593] [client 2a0b:f4c2:4::108:21229] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tristatepropertymgmt.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tristatepropertymgmt.com"] [uri "/dump.sql"] [unique_id "aZhc0gBohqf8rgtINnqtCgAAAME"]
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 s ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::108 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 11:06:25.034980 2026] [security2:error] [pid 21050:tid 21050] [client 2a0b:f4c2:4::108:23295] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||orcastrong.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "orcastrong.com"] [uri "/latest.sql"] [unique_id "aZc1AXMlx_RSN1xAQgIwpwAAAB8"]
show less
Blocked by UFW (TCP on 8333)
Source port: 16437
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 8333)
Source port: 16437
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0108) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
ASN: 60729 (TORSERVERS-NET)
P ...
show moreTriggered Cloudflare WAF (firewallCustom) from DE.
Action taken: BLOCK
ASN: 60729 (TORSERVERS-NET)
Protocol: HTTP/1.1 (GET method)
Endpoint: /status
Timestamp: 2026-02-06T12:48:28Z
Ray ID: 9c9ac31458dbe51e
UA: python-requests/2.32.5
Report generated by Cloudflare-WAF-To-AbuseIPDB:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show moreAuto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-29.
show less
Hacking
Web App Attack
SSH
Showing 1 to
15
of 139 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ