JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::16

2a0b:f4c2::16 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 24%: ?

24%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::16

Whois 2a0b:f4c2::16

IP Abuse Reports for 2a0b:f4c2::16:

This IP address has been reported a total of 211 times from 30 distinct sources. 2a0b:f4c2::16 was first reported on October 30th 2022, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 20:34:53 (4 days ago)	(mod_security) mod_security (id:949110) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:949110) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 16:34:49.211118 2026] [security2:error] [pid 9294:tid 9294] [client 2a0b:f4c2::16:47486] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ipv6.taxijunkremoval.com"] [uri "/.git/config"] [unique_id "aisb6VwucJ4KpgPUqWTXAQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Savvii	2026-06-10 08:37:34 (5 days ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:20:07 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:20:04.149686 2026] [security2:error] [pid 13080:tid 13080] [client 2a0b:f4c2::16:8082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.natchezbicycle.com"] [uri "/.git/config"] [unique_id "aiKw5KnHhdPgW2tsAfiKbQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-20 09:57:27 (3 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 46108 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 46108 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0016) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-05-11 16:36:19 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 55376 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 55376 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0016) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-09 14:11:07 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 10:10:56.985348 2026] [security2:error] [pid 2433:tid 2433] [client 2a0b:f4c2::16:31240] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|capitalswisscorp.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capitalswisscorp.com"] [uri "/scorp_com.sql"] [unique_id "af9AcAeTFBscty7FBP3RVAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 19:32:35 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 15:32:27.518333 2026] [security2:error] [pid 17060:tid 17060] [client 2a0b:f4c2::16:53162] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|faithlines.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "faithlines.com"] [uri "/backupdb.sql"] [unique_id "afuXSz4NHQ1dk7XOsysxrQAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:34 (1 month ago)	2026-04-26 08:00:54,310 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::16 2026-04-26 1 ... show more 2026-04-26 08:00:54,310 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::16 2026-04-26 12:01:42,057 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::16 2026-04-26 18:01:39,714 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::16 2026-04-26 21:01:38,960 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::16 2026-04-27 00:04:30,436 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::16 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 19:21:53 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 15:21:49.277236 2026] [security2:error] [pid 5083:tid 5083] [client 2a0b:f4c2::16:55596] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|blackriverarc.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blackriverarc.org"] [uri "/rc_com.sql"] [unique_id "ae5lzQdj1cJPbq4yuB3eTQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 20:34:03 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 16:33:58.932476 2026] [security2:error] [pid 9748:tid 9748] [client 2a0b:f4c2::16:33398] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bayareamustangs.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bayareamustangs.com"] [uri "/config.bak"] [unique_id "ae0lNqADUk22dHkAwyYpFQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 22:02:54 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 18:02:46.647840 2026] [security2:error] [pid 3323024:tid 3323024] [client 2a0b:f4c2::16:10858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marv.us"] [uri "/wp-config.php_old"] [unique_id "aeFchn2ehmZOHfqM1ZRt4AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-11 21:39:18 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::16 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 17:39:12.711188 2026] [security2:error] [pid 4097746:tid 4097746] [client 2a0b:f4c2::16:3302] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "telecompros.net"] [uri "/wp-config.phpo"] [unique_id "adq_gNOgrH6ZF77VdPYa_gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ketovoila.pl	2026-04-01 19:38:10 (2 months ago)	ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/a_com.sql; UA=Mozilla/5.0 ... show more ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/a_com.sql; UA=Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Mobile/15E148 Safari/604.1; window=2026-04-01T18:55:53Z..2026-04-01T18:55:53Z show less	Port Scan Hacking Brute-Force
🇺🇸 ipblock.com	2026-03-28 17:31:00 (2 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-26 20:41:30 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.140

🇹🇼 61.230.123.132

🇸🇬 47.82.15.122

🇺🇸 23.234.111.188

🇺🇸 23.234.110.68

🇩🇪 194.88.98.101

🇳🇱 188.166.86.102

🇨🇳 175.19.52.56

🇸🇬 152.42.175.252

🇭🇰 103.229.126.95

🇺🇸 74.114.28.209

🇺🇸 64.236.142.134

🇨🇳 59.110.9.189

🇸🇬 47.82.15.121

🇸🇬 47.82.15.12

🇩🇪 43.228.157.9

🇸🇬 43.98.162.69

🇯🇴 5.45.131.46

🇭🇰 2404:6800:4005:c00::12c

🇨🇳 183.234.72.66