JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::31

2a0b:f4c2::31 was found in our database!

This IP was reported 232 times. Confidence of Abuse is 19%: ?

19%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::31

Whois 2a0b:f4c2::31

IP Abuse Reports for 2a0b:f4c2::31:

This IP address has been reported a total of 232 times from 33 distinct sources. 2a0b:f4c2::31 was first reported on October 11th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-05-12 11:22:22 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 60948 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 60948 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0031) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 gnom4ik	2026-05-10 07:55:59 (1 month ago)	ban-reviewer auto report; ip=2a0b:f4c2::31; scenario=http:scan; verdict=valid_ban; confidence=0.92; ... show more ban-reviewer auto report; ip=2a0b:f4c2::31; scenario=http:scan; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-05-09 14:11:36 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 10:11:29.010145 2026] [security2:error] [pid 2661:tid 2661] [client 2a0b:f4c2::31:13414] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|capitalswisscorp.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capitalswisscorp.com"] [uri "/capitalswissco.sql"] [unique_id "af9AkW9M_Hs5gg5_Ykq3lwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 09:02:19 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 05:02:13.834496 2026] [security2:error] [pid 16038:tid 16038] [client 2a0b:f4c2::31:37008] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|customhumanrobots.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "customhumanrobots.com"] [uri "/obots_com.sql"] [unique_id "af2mlcqTzQHbE9CnV2eoCAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 14:05:49 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 10:05:42.902252 2026] [security2:error] [pid 29229:tid 29229] [client 2a0b:f4c2::31:35746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fernfield.com"] [uri "/wp-config.php.txt"] [unique_id "afIQNkHcJsp1NJmO01VP-AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 21:59:08 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 17:59:01.776355 2026] [security2:error] [pid 22953:tid 22953] [client 2a0b:f4c2::31:33586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theseventhcongregationofladderdayvixens.org"] [uri "/wp-config.phptmp"] [unique_id "ae6KpYOxhooTEJvDMo27CgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:38 (1 month ago)	2026-04-26 08:00:55,407 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::31 2026-04-26 1 ... show more 2026-04-26 08:00:55,407 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::31 2026-04-26 12:01:42,672 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::31 2026-04-26 18:01:40,319 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::31 2026-04-26 21:01:39,584 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::31 2026-04-27 00:04:34,463 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::31 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-25 04:51:43 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 00:51:39.310614 2026] [security2:error] [pid 16869:tid 16869] [client 2a0b:f4c2::31:46814] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soonerstone.com"] [uri "/wp-config.php.us"] [unique_id "aexIW1XGKx2V-o_X2A0jXQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-04-20 15:20:00 (1 month ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 06:48:23 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:48:12.924096 2026] [security2:error] [pid 1666928:tid 1666928] [client 2a0b:f4c2::31:22012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.php.uk"] [unique_id "aeR6rAkxD9xOCK62-HiswwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 11:22:39 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 07:22:33.713772 2026] [security2:error] [pid 2832102:tid 2832102] [client 2a0b:f4c2::31:31288] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idahostem.org"] [uri "/wp-config.phpbak"] [unique_id "ad90-XzXGhJCrnEf1EYjZgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-09 11:57:31 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 5870 Packet length: 80 This report (for 2a0b:f4c2:0000:00 ... show more Blocked by UFW (TCP on 8333) Source port: 5870 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0031) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 ipblock.com	2026-03-31 17:18:00 (2 months ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 14:42:36 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org) ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::31 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 10:42:28.871859 2026] [security2:error] [pid 28171:tid 28171] [client 2a0b:f4c2::31:23658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.taxgroupsd.com"] [uri "/.git/config"] [unique_id "acvdVOSSOXlBUQaVGdQlBgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-03-21 15:03:00 (2 months ago)	IPBlock protected site ID [4055-d][s=03]. Rogue crawler, does not respect robots.txt	Bad Web Bot

Showing 1 to 15 of 232 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 162.158.119.227

🇺🇸 18.221.179.104

🇮🇳 223.181.71.122

🇱🇰 220.247.224.226

🇲🇾 202.184.145.225

🇩🇪 167.94.146.52

🇩🇪 164.92.161.148

🇮🇷 81.16.112.42

🇺🇸 54.163.161.231

🇸🇬 43.156.239.194

🇯🇵 207.56.225.34

🇨🇳 117.143.82.37

🇨🇳 115.190.226.99

🇺🇸 113.20.0.58

🇮🇳 103.91.246.73

🇨🇦 85.217.149.9

🇮🇩 41.216.178.119

🇺🇸 217.217.113.105

🇨🇳 202.105.98.252

🇹🇼 198.235.24.46