JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::23

2a0b:f4c2::23 was found in our database!

This IP was reported 207 times. Confidence of Abuse is 18%: ?

18%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::23

Whois 2a0b:f4c2::23

IP Abuse Reports for 2a0b:f4c2::23:

This IP address has been reported a total of 207 times from 31 distinct sources. 2a0b:f4c2::23 was first reported on September 20th 2023, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 23:18:14 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 19:18:00.114251 2026] [security2:error] [pid 13536:tid 13536] [client 2a0b:f4c2::23:14682] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.joycebrown.com"] [uri "/.git/config"] [unique_id "aidNqLy5qvLaVsrb5xa0EgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-29 13:33:31 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 35332 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 35332 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0023) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:04:36 (1 month ago)	2026-04-26 08:00:54,781 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::23 2026-04-26 1 ... show more 2026-04-26 08:00:54,781 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::23 2026-04-26 12:01:42,343 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::23 2026-04-26 18:01:39,997 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::23 2026-04-26 21:01:39,247 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::23 2026-04-27 00:04:32,258 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::23 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 20:52:30 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 16:52:25.575685 2026] [security2:error] [pid 3842:tid 3842] [client 2a0b:f4c2::23:26930] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|caferutadelaseda.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "caferutadelaseda.com"] [uri "/weekly.sql"] [unique_id "ae57CUSqsy15-vixmdo9fAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 percocet	2026-04-21 06:05:04 (1 month ago)	Cloudflare blocked 94 requests (HTTP 403) in 1h. Country: T1	DDoS Attack Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 04:40:00 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 00:39:51.936201 2026] [security2:error] [pid 4094362:tid 4094362] [client 2a0b:f4c2::23:54360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "local639.com"] [uri "/wp-config.php.in"] [unique_id "aeMLFzLxA4juFK3mLF8Z8wAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-11 06:29:20 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 55212 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 55212 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0023) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-04-06 22:55:44 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 18:55:37.046113 2026] [security2:error] [pid 507546:tid 507546] [client 2a0b:f4c2::23:15818] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "insurance4you.agency.polish-boat-registration.com"] [uri "/.git/config"] [unique_id "adQ56XJbjtbFFjcXXQ69EAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-03 05:24:45 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 18578 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 18578 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0023) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-03-22 07:38:27 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 03:38:18.539151 2026] [security2:error] [pid 2167:tid 2167] [client 2a0b:f4c2::23:58850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.chubat.com"] [uri "/.git/config"] [unique_id "ab-caitXqa6DaChFGR0VRAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-13 10:41:00 (3 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-09 01:41:22 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:41:15.665874 2026] [security2:error] [pid 21993:tid 21993] [client 2a0b:f4c2::23:13178] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mobileonlinecasinos.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/wordpress_bileonlinecasinos.sql"] [unique_id "aa4lO2bU61q4LolD0xL22AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-06 02:17:00 (3 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇨🇦 1gz	2026-03-01 07:08:44 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: CHALLENGE Protocol: HTTP/2 (GET met ... show more Triggered Cloudflare WAF (firewallCustom) from T1. Action taken: CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:140.0) Gecko/20100101 Firefox/140.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-24 09:28:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::23 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 04:28:43.568794 2026] [security2:error] [pid 2744:tid 2769] [client 2a0b:f4c2::23:7708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.layoverlocations.com"] [uri "/.git/config"] [unique_id "aZ1vS2b3yARs7fL7vRvl7QAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 207 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 112.216.108.62

🇩🇪 47.245.138.141

🇳🇱 176.65.148.250

🇰🇷 121.159.16.173

🇺🇸 62.132.18.53

🇺🇸 40.121.200.75

🇸🇬 8.219.223.4

🇶🇦 2600:1900:4260:40e::20

🇭🇰 165.154.1.18

🇯🇵 150.230.103.115

🇮🇳 122.187.249.88

🇨🇳 111.14.8.225

🇨🇭 209.99.187.52

🇺🇸 194.62.107.148

🇬🇧 193.163.125.73

🇳🇱 80.82.77.202

🇨🇳 60.16.220.137

🇸🇬 47.236.181.165

🇳🇱 45.148.10.183

🇰🇷 211.105.129.57