JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:f4c2::9

2a0b:f4c2::9 was found in our database!

This IP was reported 226 times. Confidence of Abuse is 26%: ?

26%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Artikel10 e.V.
Usage Type	Commercial
ASN	AS60729
Hostname(s)	berlin01.tor-exit.artikel10.org
Domain Name	artikel10.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:f4c2::9

Whois 2a0b:f4c2::9

IP Abuse Reports for 2a0b:f4c2::9:

This IP address has been reported a total of 226 times from 30 distinct sources. 2a0b:f4c2::9 was first reported on February 7th 2022, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-10 15:16:12 (4 days ago)	Blocked by UFW (TCP on 8333) Source port: 11634 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 11634 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0009) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Savvii	2026-06-10 09:34:33 (4 days ago)	20 attempts against mh-misbehave-ban on web-new	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 13:54:48 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 09:54:39.174605 2026] [security2:error] [pid 19284:tid 19284] [client 2a0b:f4c2::9:2070] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.mkdesignndetailing.com"] [uri "/.git/config"] [unique_id "aiLVH5asMbXSBdod116UcwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 22:09:25 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 18:09:21.015542 2026] [security2:error] [pid 2422:tid 2422] [client 2a0b:f4c2::9:10034] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|hotelausland.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hotelausland.com"] [uri "/ho.sql"] [unique_id "af5fEWe1lD3SMGT0VCrXwgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 09:02:15 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 05:02:09.198023 2026] [security2:error] [pid 16038:tid 16038] [client 2a0b:f4c2::9:64614] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|customhumanrobots.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "customhumanrobots.com"] [uri "/customh.sql"] [unique_id "af2mkcqTzQHbE9CnV2eoBwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 05:53:21 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 01:53:13.812284 2026] [security2:error] [pid 32045:tid 32045] [client 2a0b:f4c2::9:30530] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|fishleadership.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fishleadership.org"] [uri "/fishle.sql"] [unique_id "af16SVkiRmZgSxCO57indwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-30 11:07:40 (1 month ago)	Blocked by UFW (TCP on 60958) Source port: 9002 Packet length: 120 This report (for 2a0b:f4c2:0000: ... show more Blocked by UFW (TCP on 60958) Source port: 9002 Packet length: 120 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0009) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 xmission.com	2026-04-28 09:13:56 (1 month ago)	Blocked by UFW (TCP on 8333) Source port: 43108 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 43108 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0009) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-04-26 21:04:32 (1 month ago)	2026-04-26 08:00:53,830 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::9 2026-04-26 12 ... show more 2026-04-26 08:00:53,830 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::9 2026-04-26 12:01:41,772 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::9 2026-04-26 18:01:39,429 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::9 2026-04-26 21:01:38,678 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::9 2026-04-27 00:04:27,394 fail2ban.actions [7718]: NOTICE [tor] Ban 2a0b:f4c2::9 show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-14 13:05:40 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 09:05:32.499198 2026] [security2:error] [pid 3674413:tid 3674413] [client 2a0b:f4c2::9:30452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "admiralpointe.com"] [uri "/wp-config.php.com"] [unique_id "ad47nMw8cRJRb9kfjhM-bgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-04-11 03:16:43 (2 months ago)	Blocked by UFW (TCP on 8333) Source port: 45994 Packet length: 80 This report (for 2a0b:f4c2:0000:0 ... show more Blocked by UFW (TCP on 8333) Source port: 45994 Packet length: 80 This report (for 2a0b:f4c2:0000:0000:0000:0000:0000:0009) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-04-08 05:52:02 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 01:51:56.378274 2026] [security2:error] [pid 1953753:tid 1953753] [client 2a0b:f4c2::9:57574] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "healingworksmassage.studio"] [uri "/wp-config.phpr"] [unique_id "adXs_JXIW0A7i9k0KR5GvgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 19:39:50 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 15:39:41.202388 2026] [security2:error] [pid 12241:tid 12261] [client 2a0b:f4c2::9:6076] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|datuinc.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "datuinc.com"] [uri "/backupdb.sql"] [unique_id "ac7F_Y1D_VpHQqsQmv3SsQAAARA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 03:53:26 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 23:53:17.425381 2026] [security2:error] [pid 26039:tid 26039] [client 2a0b:f4c2::9:44006] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|atmoorehealthcare.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "atmoorehealthcare.com"] [uri "/atmoorehe.sql"] [unique_id "ac3oLUeUtVT0Gu-vV3R_zwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-22 18:13:43 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2::9 (berlin01.tor-exit.artikel10.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 14:13:32.015714 2026] [security2:error] [pid 19641:tid 19641] [client 2a0b:f4c2::9:29198] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|rebelhollowfarm.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rebelhollowfarm.com"] [uri "/lowfarm_com.sql"] [unique_id "acAxTLH8FMXl2ZRm_dYIMQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 226 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇶🇦 2600:1900:4260:40e::124

🇱🇰 202.124.164.130

🇨🇳 175.30.48.246

🇨🇳 116.228.233.93

🇳🇱 91.92.40.5

🇺🇸 45.3.38.114

🇸🇬 8.219.238.77

🇰🇷 211.219.243.53

🇨🇦 209.50.178.215

🇧🇷 205.210.31.193

🇿🇦 197.245.56.157

🇵🇪 190.119.63.81

🇬🇧 188.166.152.155

🇫🇷 104.249.10.33

🇨🇳 101.126.54.167

🇪🇸 79.117.43.184

🇺🇸 66.132.186.236

🇳🇱 45.198.224.141

🇺🇸 20.102.97.100

🇨🇳 14.103.126.73