JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::15

2a0b:f4c2::15 was found in our database!

This IP was reported 208 times. Confidence of Abuse is 26%: ?

26%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::15

Whois 2a0b:f4c2::15

IP Abuse Reports for 2a0b:f4c2::15:

This IP address has been reported a total of 208 times from 26 distinct sources. 2a0b:f4c2::15 was first reported on September 20th 2023, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 20:08:48 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:08:40.824151 2026] [security2:error] [pid 27900:tid 27900] [client 2a0b:f4c2::15:56684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.ndezrojo.com"] [uri "/.git/config"] [unique_id "aiMsyCPSp-PChbUv0iCu7QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 12:04:03 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 08:03:55.185641 2026] [security2:error] [pid 25080:tid 25080] [client 2a0b:f4c2::15:15678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.lamanchaorchards.com"] [uri "/.git/config"] [unique_id "aiK7K5Sb3s-gIhivGEElZwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 gnom4ik	2026-05-10 07:55:58 (4 weeks ago)	ban-reviewer auto report; ip=2a0b:f4c2::15; scenario=http:scan; verdict=valid_ban; confidence=0.92; ... show more ban-reviewer auto report; ip=2a0b:f4c2::15; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-05-09 14:11:41 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 10:11:32.225836 2026] [security2:error] [pid 31532:tid 31532] [client 2a0b:f4c2::15:7018] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|capitalswisscorp.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capitalswisscorp.com"] [uri "/ca.sql"] [unique_id "af9AlIMMeTX3U054-aIYTwAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-05 12:12:00 (1 month ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-04 19:40:13 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 46436 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 46436 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0015) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-04-30 10:43:15 (1 month ago)	Blocked by UFW (TCP on 33234) Source port: 9002 Packet length: 120 This report (for 2a0b:f4c2:0000: ... show more Blocked by UFW (TCP on 33234) Source port: 9002 Packet length: 120 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0015) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-04-30 09:31:47 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 05:31:42.652827 2026] [security2:error] [pid 12186:tid 12214] [client 2a0b:f4c2::15:63596] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "la.productions"] [uri "/wp-config.phpc"] [unique_id "afMhfnckChmdMCDPe2rHWAAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:34 (1 month ago)	2026-04-26 08:00:54,229 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::15 2026-04-26 1 ... show more 2026-04-26 08:00:54,229 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::15 2026-04-26 12:01:42,011 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::15 2026-04-26 18:01:39,675 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::15 2026-04-26 21:01:38,921 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::15 2026-04-27 00:04:29,975 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::15 show less	Brute-Force
🇺🇸 ipblock.com	2026-04-21 12:26:00 (1 month ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 06:48:36 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:48:28.037679 2026] [security2:error] [pid 1669276:tid 1669276] [client 2a0b:f4c2::15:40844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.php.info"] [unique_id "aeR6vOACtsv9Xqnlm-vaEAAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-04-16 01:33:06 (1 month ago)	[ThuApr1603:33:02.5195842026][security2:error][pid2838813:tid2838875][client2a0b:f4c2::15:0]ModSecur ... show more [ThuApr1603:33:02.5195842026][security2:error][pid2838813:tid2838875][client2a0b:f4c2::15:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"359\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"larademarco.ch\"][uri\"/wp-content/plugins/sitepress-multilingual-cms/readme.txt\"][unique_id\"aeA8TlpEBLI89DC5yZPEUQAAAEQ\"] show less	Hacking Web App Attack
🇨🇭 4server	2026-04-14 04:25:36 (1 month ago)	[TueApr1406:25:30.9964192026][security2:error][pid1400530:tid1400554][client2a0b:f4c2::15:0]ModSecur ... show more [TueApr1406:25:30.9964192026][security2:error][pid1400530:tid1400554][client2a0b:f4c2::15:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"359\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"nexxa.ch\"][uri\"/wp-content/plugins/maintenance/readme.txt\"][unique_id\"ad3Bur9wMCcxgddRjQPJfgAAAVY\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-09 00:26:25 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::15 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 20:26:20.330418 2026] [security2:error] [pid 3459674:tid 3459674] [client 2a0b:f4c2::15:11820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.edfisherco.com"] [uri "/.git/config"] [unique_id "adbyLO1Eze7bvzN8X09vxwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-02 00:52:59 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 21192 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 21192 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0015) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 208 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.158.10.113

🇳🇱 45.148.10.183

🇺🇸 2a03:2880:7ff:18::

🇨🇳 223.93.164.218

🇩🇪 213.209.159.226

🇬🇧 195.206.182.217

🇬🇧 193.32.209.240

🇦🇷 186.1.224.42

🇺🇸 173.252.95.17

🇳🇱 129.121.88.64

🇭🇰 121.202.206.119

🇬🇧 87.106.35.227

🇺🇸 66.132.172.131

🇬🇧 5.226.140.84

🇺🇸 2a03:2880:7ff:16::

🇺🇸 209.38.73.229

🇰🇷 203.123.219.137

🇬🇧 193.32.209.250

🇬🇧 193.32.209.243

🇨🇳 180.102.110.149