JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::4

2a0b:f4c2::4 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 27%: ?

27%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::4

Whois 2a0b:f4c2::4

IP Abuse Reports for 2a0b:f4c2::4:

This IP address has been reported a total of 211 times from 21 distinct sources. 2a0b:f4c2::4 was first reported on October 30th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 08:55:02 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:54:57.251239 2026] [security2:error] [pid 10025:tid 10025] [client 2a0b:f4c2::4:30654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.feartheshear.com"] [uri "/.git/config"] [unique_id "aivJYd26KNwl8akQhlWoLgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Savvii	2026-06-10 08:48:47 (3 days ago)	22 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Savvii	2026-06-10 08:18:05 (3 days ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 13:50:14 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 09:50:06.908734 2026] [security2:error] [pid 12904:tid 12904] [client 2a0b:f4c2::4:12550] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.nutz-r-us.com"] [uri "/.git/config"] [unique_id "aiLUDkrT0YH6Khm5094bHAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-03 14:53:56 (1 week ago)	Blocked by UFW (TCP on 8333) Source port: 56128 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 56128 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0004) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-05-16 17:56:08 (4 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 44974 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 44974 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0004) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-09 14:11:12 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 10:11:06.640357 2026] [security2:error] [pid 2691:tid 2691] [client 2a0b:f4c2::4:12918] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|capitalswisscorp.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "capitalswisscorp.com"] [uri "/isscorp_com.sql"] [unique_id "af9AeumK-1l2J8qgM0M-dAAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 14:06:15 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 10:06:09.586488 2026] [security2:error] [pid 32002:tid 32002] [client 2a0b:f4c2::4:27752] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fernfield.com"] [uri "/wp-config.php.sample"] [unique_id "afIQUbn8DF2z9hZYRs8rzwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 21:59:07 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 17:58:58.723547 2026] [security2:error] [pid 18092:tid 18092] [client 2a0b:f4c2::4:9774] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theseventhcongregationofladderdayvixens.org"] [uri "/wp-config.php-n"] [unique_id "ae6Kors-FoHgJUrsgIN_xwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:31 (1 month ago)	2026-04-26 08:00:53,469 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::4 2026-04-26 12 ... show more 2026-04-26 08:00:53,469 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::4 2026-04-26 12:01:41,576 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::4 2026-04-26 18:01:39,228 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::4 2026-04-26 21:01:38,480 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::4 2026-04-27 00:04:25,325 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::4 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 20:03:19 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 16:03:12.221776 2026] [security2:error] [pid 16688:tid 16688] [client 2a0b:f4c2::4:52304] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|internetnameregistration.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "internetnameregistration.com"] [uri "/internetnameregistrati.sql"] [unique_id "ae5vgNrWsFKdNoL7MW-SngAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 19:21:43 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 15:21:34.705615 2026] [security2:error] [pid 4717:tid 4717] [client 2a0b:f4c2::4:1260] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|blackriverarc.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blackriverarc.org"] [uri "/bck.sql"] [unique_id "ae5lvu6M6cQeUyd3A45aBgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 04:17:47 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 00:17:42.249202 2026] [security2:error] [pid 31991:tid 31991] [client 2a0b:f4c2::4:37668] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|20dekopas.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "20dekopas.com"] [uri "/0dekopas_com.sql"] [unique_id "ae2R5t-6x1Ib2Z1fBXrEsQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 16:35:26 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::4 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 12:35:16.851224 2026] [security2:error] [pid 10301:tid 10301] [client 2a0b:f4c2::4:31902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kh6jim.com"] [uri "/wp-config.php.com"] [unique_id "aeztRPrbfWsT_nv4Ys4w0QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-16 05:11:22 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 17100 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 17100 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0004) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.134

🇺🇸 162.216.149.123

🇺🇸 154.197.57.20

🇫🇮 147.185.133.106

🇺🇸 147.185.132.55

🇭🇰 118.26.36.195

🇰🇷 115.68.208.117

🇧🇩 103.120.202.26

🇸🇬 101.47.15.119

🇳🇵 202.70.78.237

🇬🇧 185.199.157.12

🇷🇺 178.213.79.174

🇺🇦 109.108.83.46

🇿🇦 102.129.55.163

🇺🇦 91.228.122.240

🇩🇪 91.107.162.124

🇫🇷 79.143.188.82

🇩🇪 44.146.147.111

🇰🇪 41.80.32.137

🇺🇸 35.237.72.220