JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::19

2a0b:f4c2::19 was found in our database!

This IP was reported 214 times. Confidence of Abuse is 25%: ?

25%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::19

Whois 2a0b:f4c2::19

IP Abuse Reports for 2a0b:f4c2::19:

This IP address has been reported a total of 214 times from 30 distinct sources. 2a0b:f4c2::19 was first reported on November 5th 2022, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 15:22:03 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 11:21:51.173889 2026] [security2:error] [pid 29638:tid 29638] [client 2a0b:f4c2::19:43386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.a-absoluteseptic.com"] [uri "/.git/config"] [unique_id "aiQ7DxvAzhGFen8AIx5RfwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-04 15:05:59 (2 days ago)	Blocked by UFW (TCP on 8333) Source port: 62718 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 62718 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0019) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-09 12:44:18 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 08:44:10.049211 2026] [security2:error] [pid 8090:tid 8090] [client 2a0b:f4c2::19:23486] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|energycapitalinvestments.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "energycapitalinvestments.com"] [uri "/dump.sql"] [unique_id "af8sGu6Clcm2zKVcxxeMjQAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-05-09 04:37:26 (4 weeks ago)	[SatMay0906:37:19.7065002026][security2:error][pid3025858:tid3025985][client2a0b:f4c2::19:0]ModSecur ... show more [SatMay0906:37:19.7065002026][security2:error][pid3025858:tid3025985][client2a0b:f4c2::19:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"craniosacraltherapy.ch\"][uri\"/iosacraltherapy_com.sql\"][unique_id\"af65_wQuiS039kvXMfkKgQAAARA\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 16:59:44 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 12:59:36.243860 2026] [security2:error] [pid 8169:tid 8169] [client 2a0b:f4c2::19:13978] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|crep-psych.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crep-psych.org"] [uri "/rep-psych_com.sql"] [unique_id "af4WeHoT1KyMjnqGzz7sUQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 15:01:14 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 11:01:04.795893 2026] [security2:error] [pid 2332:tid 2332] [client 2a0b:f4c2::19:41214] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cosplayculture.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cosplayculture.com"] [uri "/cosplaycultur.sql"] [unique_id "af36sJ-BEEHTVT52rGS0QwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-04 18:50:13 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 14:50:02.532704 2026] [security2:error] [pid 15821:tid 15821] [client 2a0b:f4c2::19:8822] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microkerneltechnologies.com"] [uri "/wp-config.php.de"] [unique_id "afjqWljQSjAX9GsdQ7Z1HQAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 21:37:15 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 17:37:07.119712 2026] [security2:error] [pid 27179:tid 27179] [client 2a0b:f4c2::19:58836] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|drendels.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "drendels.com"] [uri "/wp-config-sample.php.bak"] [unique_id "afEog2BDt6W9k3JUeWRbQgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:35 (1 month ago)	2026-04-26 08:00:54,519 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::19 2026-04-26 1 ... show more 2026-04-26 08:00:54,519 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::19 2026-04-26 12:01:42,185 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::19 2026-04-26 18:01:39,838 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::19 2026-04-26 21:01:39,081 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::19 2026-04-27 00:04:31,172 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::19 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 01:51:46 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 21:51:39.730200 2026] [security2:error] [pid 15437:tid 15437] [client 2a0b:f4c2::19:30672] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|arsndetx.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "arsndetx.com"] [uri "/dump.sql"] [unique_id "ae1vq-q7EBr1IjLHkK_dVQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 16:35:46 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 12:35:40.791625 2026] [security2:error] [pid 31179:tid 31179] [client 2a0b:f4c2::19:30854] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kh6jim.com"] [uri "/wp-config.php.info"] [unique_id "aeztXOUFPgptwB7Az7SlFwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-20 15:07:52 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 16884 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 16884 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0019) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-04-19 06:36:40 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:36:33.495138 2026] [security2:error] [pid 1658458:tid 1658458] [client 2a0b:f4c2::19:55450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.php.backup.txt"] [unique_id "aeR38aHWEuNSUhhRTwCBTwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 04:39:39 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 00:39:32.610401 2026] [security2:error] [pid 4094157:tid 4094157] [client 2a0b:f4c2::19:20982] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|local639.com\|F\|2"] [data ".old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "local639.com"] [uri "/config.old"] [unique_id "aeMLBGt5OC8cOiSRx3bZuQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 18:55:47 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::19 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 14:55:38.836577 2026] [security2:error] [pid 13920:tid 13920] [client 2a0b:f4c2::19:36478] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|daisydoesoap.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "daisydoesoap.com"] [uri "/daisydoesoa.sql"] [unique_id "ac67qgvQZxOu9k9OBu98MwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 214 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.197.115

🇺🇸 54.146.140.54

🇮🇳 2401:4900:8f65:bfe8:b167:921d:b50e:fd9f

🇺🇸 189.104.19.91

🇸🇪 171.25.158.47

🇨🇳 153.99.92.11

🇫🇮 147.185.133.22

🇸🇬 103.134.154.36

🇬🇧 94.156.250.197

🇧🇪 34.156.130.1

🇹🇷 212.87.199.64

🇳🇱 204.76.203.221

🇭🇰 152.32.212.49

🇩🇪 134.209.252.42

🇳🇬 102.88.137.213

🇺🇸 18.189.74.1

🇰🇷 118.39.230.40

🇷🇴 2.57.121.112

🇵🇰 223.123.12.177

🇩🇪 212.132.120.41