JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::8

2a0b:f4c2::8 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 18%: ?

18%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::8

Whois 2a0b:f4c2::8

IP Abuse Reports for 2a0b:f4c2::8:

This IP address has been reported a total of 211 times from 27 distinct sources. 2a0b:f4c2::8 was first reported on December 28th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 05:53:28 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:53:22.473610 2026] [security2:error] [pid 19587:tid 19587] [client 2a0b:f4c2::8:46544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.wildcroc.us"] [uri "/.git/config"] [unique_id "aiUHUimDiBSPhO9gFWnYVgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:54:50 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:54:42.185883 2026] [security2:error] [pid 21569:tid 21569] [client 2a0b:f4c2::8:9244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.markrikey.com"] [uri "/.git/config"] [unique_id "aiK5Ai2VJ9ZpLTKs5R0FRwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 15:23:34 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 11:23:29.424670 2026] [security2:error] [pid 32469:tid 32469] [client 2a0b:f4c2::8:16688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.lobibilisim.com"] [uri "/.git/config"] [unique_id "ahmvcYIMBUXTcqSLBZorLQAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-23 18:56:00 (2 weeks ago)	IPBlock protected site ID [3717-sec]. Robotic site crawling, undeclared spider	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 12:44:43 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 08:44:39.768637 2026] [security2:error] [pid 8093:tid 8093] [client 2a0b:f4c2::8:27080] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|energycapitalinvestments.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "energycapitalinvestments.com"] [uri "/energycapitalinvestme.sql"] [unique_id "af8sN3uwQSCDXVjCpiN9ywAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-05 11:03:31 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 07:03:20.869892 2026] [security2:error] [pid 21629:tid 21629] [client 2a0b:f4c2::8:51630] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|billymitchell.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "billymitchell.com"] [uri "/billymi.sql"] [unique_id "afnOeDabbRaRWGnDesqiTwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:04:32 (1 month ago)	2026-04-26 08:00:53,762 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::8 2026-04-26 12 ... show more 2026-04-26 08:00:53,762 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::8 2026-04-26 12:01:41,733 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::8 2026-04-26 18:01:39,390 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::8 2026-04-26 21:01:38,639 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::8 2026-04-27 00:04:26,964 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::8 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-19 06:48:37 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:48:27.283226 2026] [security2:error] [pid 1669272:tid 1669272] [client 2a0b:f4c2::8:28800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsmogsandiego.com"] [uri "/wp-config.phpr"] [unique_id "aeR6u1pTsVoEf84-As_xGwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 02:34:41 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 22:34:31.003680 2026] [security2:error] [pid 3847277:tid 3847277] [client 2a0b:f4c2::8:37426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rambleandprose.com"] [uri "/wp-config.php_"] [unique_id "aeGcN5YGDM1Eb5DHBEmEYwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 18:56:06 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 14:56:01.412824 2026] [security2:error] [pid 16681:tid 16681] [client 2a0b:f4c2::8:46998] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|daisydoesoap.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "daisydoesoap.com"] [uri "/daisydoesoap_com.sql"] [unique_id "ac67wT9yk_gVJXabLO1cyQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-03-25 06:04:19 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 46026 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 46026 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0008) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-03-24 03:48:33 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 23:48:27.716321 2026] [security2:error] [pid 29531:tid 29539] [client 2a0b:f4c2::8:21972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.rbarw.com"] [uri "/.git/config"] [unique_id "acIJi8B9-bM6FzkJXagDzwAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-03-18 03:06:42 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 13738 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 13738 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0008) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-03-09 04:14:24 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 00:14:12.963802 2026] [security2:error] [pid 28080:tid 28080] [client 2a0b:f4c2::8:40178] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|geckoturner.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "geckoturner.com"] [uri "/dbgeckoturner.sql"] [unique_id "aa5JFMvaV12IS-Q68silqgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-09 01:41:00 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::8 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 21:40:55.046118 2026] [security2:error] [pid 21993:tid 21993] [client 2a0b:f4c2::8:15640] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mobileonlinecasinos.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobileonlinecasinos.co"] [uri "/casinos_db.sql"] [unique_id "aa4lJ2bU61q4LolD0xL21gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:7ff:2::

🇺🇸 217.216.90.208

🇳🇱 206.189.109.91

🇩🇪 194.88.98.110

🇩🇪 193.124.20.227

🇧🇴 181.115.147.5

🇺🇸 74.235.79.41

🇳🇱 45.148.10.147

🇺🇸 2a03:2880:7ff:20::

🇧🇴 190.181.4.12

🇨🇳 182.119.131.252

🇩🇪 167.94.146.63

🇩🇪 141.95.65.57

🇨🇳 112.86.225.199

🇳🇱 81.19.216.98

🇮🇳 49.43.241.11

🇸🇬 43.173.173.188

🇸🇬 43.128.89.111

🇳🇱 34.91.40.78

🇮🇪 18.200.249.85