JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::2

2a0b:f4c2::2 was found in our database!

This IP was reported 220 times. Confidence of Abuse is 19%: ?

19%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::2

Whois 2a0b:f4c2::2

IP Abuse Reports for 2a0b:f4c2::2:

This IP address has been reported a total of 220 times from 31 distinct sources. 2a0b:f4c2::2 was first reported on October 11th 2023, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-05-15 12:22:14 (4 weeks ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -30.543 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -30.543 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Mobile Sa show less	Web App Attack Bad Web Bot
🇺🇸 ipblock.com	2026-05-10 11:38:00 (1 month ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 19:32:24 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 15:32:17.051006 2026] [security2:error] [pid 17815:tid 17815] [client 2a0b:f4c2::2:8136] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|faithlines.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "faithlines.com"] [uri "/.sql"] [unique_id "afuXQZZ5xPJGOoRI-DzRygAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 15:30:25 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 11:30:20.164741 2026] [security2:error] [pid 23702:tid 23721] [client 2a0b:f4c2::2:63040] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cheqs.org"] [uri "/wp-config.phpOLD"] [unique_id "afDSjAQXXyoq42Tk345OogAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 08:11:48 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 04:11:40.313981 2026] [security2:error] [pid 31689:tid 31707] [client 2a0b:f4c2::2:39552] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ceol.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ceol.com"] [uri "/ceo.sql"] [unique_id "ae8aPK88ut9lQ7UFnF9wMwAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:30 (1 month ago)	2026-04-26 08:00:53,327 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::2 2026-04-26 12 ... show more 2026-04-26 08:00:53,327 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::2 2026-04-26 12:01:41,496 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::2 2026-04-26 18:01:39,150 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::2 2026-04-26 21:01:38,399 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::2 2026-04-27 00:04:24,429 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::2 show less	Brute-Force
🇩🇪 4server	2026-04-26 04:46:01 (1 month ago)	[SunApr2606:45:55.4294522026][security2:error][pid1633765:tid1634045][client2a0b:f4c2::2:0]ModSecuri ... show more [SunApr2606:45:55.4294522026][security2:error][pid1633765:tid1634045][client2a0b:f4c2::2:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"allegraravizza.it\"][uri\"/allegraraviz.sql\"][unique_id\"ae2YgzSUECaP_mVy_IM2FgAAAcE\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 18:48:12 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 14:48:06.677958 2026] [security2:error] [pid 3403813:tid 3403813] [client 2a0b:f4c2::2:35552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medusakenya.com"] [uri "/wp-config.phpbak"] [unique_id "aePR5rUK2REXBPO5jb4NHgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 22:03:05 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 18:02:58.793137 2026] [security2:error] [pid 3330573:tid 3330573] [client 2a0b:f4c2::2:41986] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marv.us"] [uri "/wp-config.php.backup"] [unique_id "aeFckrYf-6_sOGlbEmgcdwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 06:53:05 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 02:53:01.176135 2026] [security2:error] [pid 1753003:tid 1753003] [client 2a0b:f4c2::2:43256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "twogocamping.com"] [uri "/wp-config.php~~"] [unique_id "ad3kTQ3r70HNXlgkCRkDlAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-10 00:55:05 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 20:55:00.207916 2026] [security2:error] [pid 3850718:tid 3850718] [client 2a0b:f4c2::2:2792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stonemartco.com"] [uri "/wp-config.phpb"] [unique_id "adhKZBnnGYx6GmIKpT2bFgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-03 08:11:51 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 51806 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 51806 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0002) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-03-26 05:33:35 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 01:32:38.836891 2026] [security2:error] [pid 25456:tid 25456] [client 2a0b:f4c2::2:64762] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcoinsubscribers.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsubscribers.com"] [uri "/bitcoinsu.sql"] [unique_id "acTE9jT6Ne8nYYINL1mrwQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 09:13:20 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::2 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 05:13:14.743983 2026] [security2:error] [pid 27605:tid 27605] [client 2a0b:f4c2::2:35422] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.farsipraiseclub.com"] [uri "/.git/config"] [unique_id "acOnKnI1qTKBEZgC7F6WpQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 gnom4ik	2026-03-17 20:01:30 (2 months ago)	ban-reviewer auto report; ip=2a0b:f4c2::2; scenario=http:scan; verdict=valid_ban; confidence=0.92; c ... show more ban-reviewer auto report; ip=2a0b:f4c2::2; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH

Showing 1 to 15 of 220 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 212.192.216.2

🇳🇱 185.226.197.64

🇩🇪 69.5.169.66

🇸🇬 43.160.200.19

🇨🇦 104.255.152.19

🇩🇪 88.214.25.21

🇳🇱 45.148.10.151

🇧🇷 20.197.232.36

🇰🇪 197.248.159.62

🇨🇳 139.170.72.196

🇦🇱 95.107.170.107

🇺🇸 66.132.186.180

🇺🇸 65.49.20.69

🇮🇳 49.205.176.44

🇺🇸 34.106.159.10

🇺🇸 23.101.116.84

🇺🇸 2604:a880:400:d1:0:4:9621:e001

🇭🇺 194.180.16.42

🇨🇦 159.203.58.220

🇸🇬 114.119.130.183