This IP was reported 148 times. Confidence of
Abuse
is 21%: ?
21%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
148
times from
14 distinct
sources.
2a0b:f4c2:4::96 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Blocked by UFW (TCP on 8333)
Source port: 37219
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 8333)
Source port: 37219
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0096) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Blocked by UFW (TCP on 9999)
Source port: 10813
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 9999)
Source port: 10813
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0096) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 15:32:02.180663 2026] [security2:error] [pid 10951:tid 10951] [client 2a0b:f4c2:4::96:49477] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||faithlines.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "faithlines.com"] [uri "/faith.sql"] [unique_id "afuXMonj0aqQdJhstBmv9wAAABE"]
show less
Blocked by UFW (TCP on 8333)
Source port: 30883
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 8333)
Source port: 30883
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0096) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Anonymous
2026-04-26 08:01:00,683 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::96
2026-04-26 ...
show more2026-04-26 08:01:00,683 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::96
2026-04-26 12:01:46,306 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::96
2026-04-26 18:01:43,894 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::96
2026-04-26 21:01:43,177 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::96
2026-04-27 00:04:57,650 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2:4::96
show less
Blocked by UFW (TCP on 9999)
Source port: 46473
Packet length: 72
This report (for 2a0b:f4c2:0004:0 ...
show moreBlocked by UFW (TCP on 9999)
Source port: 46473
Packet length: 72
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0096) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Blocked by UFW (TCP on 51066)
Source port: 443
Packet length: 60
This report (for 2a0b:f4c2:0004:00 ...
show moreBlocked by UFW (TCP on 51066)
Source port: 443
Packet length: 60
This report (for 2a0b:f4c2:0004:0000:0000:0000:0000:0096) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 00:52:22.335498 2026] [security2:error] [pid 16188:tid 16188] [client 2a0b:f4c2:4::96:5483] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lkabookkeeping.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lkabookkeeping.com"] [uri "/webadmin.sql"] [unique_id "aa-jhggJaskYkR3geyMvmwAAAAc"]
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:07.612634 2026] [security2:error] [pid 27763:tid 27763] [client 2a0b:f4c2:4::96:5915] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||geckoturner.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/monthly.sql"] [unique_id "aa5JD9WGjCOf4jkseH2QoQAAAAQ"]
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 08:19:39.929749 2026] [security2:error] [pid 3613:tid 3613] [client 2a0b:f4c2:4::96:52841] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||diamondtrailerserv.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "diamondtrailerserv.com"] [uri "/wordpress_mondtrailerserv.sql"] [unique_id "aawl6-TM52piDfmghbqTWwAAAA0"]
show less
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:4::96 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 03 14:06:30.331321 2026] [security2:error] [pid 7009:tid 7009] [client 2a0b:f4c2:4::96:9205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sekelconsulting.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sekelconsulting.com"] [uri "/ng_prod.sql"] [unique_id "aacxNhNfxmtMWTxl1M6bvgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
15
of 148 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ