JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::21

2a0b:f4c2::21 was found in our database!

This IP was reported 210 times. Confidence of Abuse is 19%: ?

19%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::21

Whois 2a0b:f4c2::21

IP Abuse Reports for 2a0b:f4c2::21:

This IP address has been reported a total of 210 times from 23 distinct sources. 2a0b:f4c2::21 was first reported on September 21st 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 05:53:27 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:53:23.949876 2026] [security2:error] [pid 15387:tid 15387] [client 2a0b:f4c2::21:10166] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.wildcroc.us"] [uri "/.git/config"] [unique_id "aiUHU_EUaGCFyTatrnuK9QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-31 17:13:53 (1 week ago)	Blocked by UFW (TCP on 8333) Source port: 30998 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 30998 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0021) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-05-11 08:44:14 (4 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 8804 Packet length: 80 This report (for 2a0b:f4c2:0000:00 ... show more Blocked by UFW (TCP on 8333) Source port: 8804 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0021) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-08 10:00:08 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 05:59:54.882288 2026] [security2:error] [pid 6286:tid 6286] [client 2a0b:f4c2::21:42438] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcoincasting.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoincasting.com"] [uri "/latest.sql"] [unique_id "af20GpC2DipVcl7PTGtCyQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 15:42:22 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 11:42:15.286706 2026] [security2:error] [pid 5030:tid 5030] [client 2a0b:f4c2::21:57932] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|americanexportimport.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "americanexportimport.com"] [uri "/dump.sql"] [unique_id "ae-D1_9ITY9xwMpsz8ChdgAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 08:11:39 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 04:11:30.468740 2026] [security2:error] [pid 31575:tid 31676] [client 2a0b:f4c2::21:22904] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ceol.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ceol.com"] [uri "/.sql"] [unique_id "ae8aMoAU2Axbt2cgFVwPvQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:36 (1 month ago)	2026-04-26 08:00:54,640 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::21 2026-04-26 1 ... show more 2026-04-26 08:00:54,640 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::21 2026-04-26 12:01:42,265 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::21 2026-04-26 18:01:39,917 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::21 2026-04-26 21:01:39,164 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::21 2026-04-27 00:04:31,703 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::21 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-20 08:10:52 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 04:10:45.384396 2026] [security2:error] [pid 30567:tid 30581] [client 2a0b:f4c2::21:7648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batonrougegazette.com"] [uri "/wp-config.phptmp"] [unique_id "aeXfhWabDJrPKFeOQqi0yAAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 06:53:19 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 02:53:15.422837 2026] [security2:error] [pid 1751769:tid 1751769] [client 2a0b:f4c2::21:50902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "twogocamping.com"] [uri "/wp-config.php_old"] [unique_id "ad3kW6yq86mSoPf9YXLFtAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 03:45:50 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 23:45:43.420834 2026] [security2:error] [pid 1302328:tid 1302328] [client 2a0b:f4c2::21:16778] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|paulsingdahlsen.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "paulsingdahlsen.com"] [uri "/config.bak"] [unique_id "adsVZ225sfrDgaM4OfhD8gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 19:38:59 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 15:38:54.608203 2026] [security2:error] [pid 29987:tid 29991] [client 2a0b:f4c2::21:60092] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|datuinc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "datuinc.com"] [uri "/datu.sql"] [unique_id "ac7FzpSyjtp56KS_NrE9CgAAAII"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-03-31 16:13:08 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 61380 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 61380 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0021) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇹 VHosting	2026-03-26 20:36:19 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-23 13:58:33 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 09:58:26.374165 2026] [security2:error] [pid 9617:tid 9617] [client 2a0b:f4c2::21:3778] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.adultshop61.net"] [uri "/.git/config"] [unique_id "acFHAiA6cS2hXMzRe84U0gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-22 18:13:50 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::21 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 14:13:42.376451 2026] [security2:error] [pid 19625:tid 19625] [client 2a0b:f4c2::21:2140] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|rebelhollowfarm.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rebelhollowfarm.com"] [uri "/backup_wp.sql"] [unique_id "acAxVl1cZBFvtwMhc6sTNgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 210 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.154.35.203

🇧🇷 200.196.50.91

🇸🇬 172.217.47.28

🇪🇸 91.142.223.216

🇧🇬 78.128.114.22

🇺🇸 66.132.195.57

🇳🇱 45.148.10.141

🇷🇴 2.57.121.25

🇺🇸 205.210.31.46

🇩🇪 194.88.98.106

🇧🇴 190.129.122.221

🇺🇸 147.185.132.75

🇺🇸 107.178.10.54

🇭🇰 103.243.24.124

🇫🇷 91.231.89.227

🇫🇷 85.217.140.22

🇫🇷 85.204.70.90

🇳🇱 77.83.39.54

🇩🇪 69.5.169.103

🇩🇪 69.5.169.50