JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2603:3:6101:b8c0::

2603:3:6101:b8c0:: was found in our database!

This IP was reported 11 times. Confidence of Abuse is 46%: ?

46%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	GoDaddy.com, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS398101
Domain Name	godaddy.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2603:3:6101:b8c0::

Whois 2603:3:6101:b8c0::

IP Abuse Reports for 2603:3:6101:b8c0:::

This IP address has been reported a total of 11 times from 7 distinct sources. 2603:3:6101:b8c0:: was first reported on June 15th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-16 05:15:10 (2 days ago)	3 attacks on env grabbing URLs: GET /.env HTTP/1.1	Hacking
🇬🇧 Mendip_Defender	2026-06-15 20:41:46 (3 days ago)	[15/Jun/2026:21:41:41.168397 +0100] ajBjhecAiwACzjbaq3EdCwAAAAo 2603:3:6101:b8c0:: 55408 2a03:9800:1 ... show more [15/Jun/2026:21:41:41.168397 +0100] ajBjhecAiwACzjbaq3EdCwAAAAo 2603:3:6101:b8c0:: 55408 2a03:9800:10:1a0::2 7081 [15/Jun/2026:21:41:41.177024 +0100] ajBjhaxdnn9sRWXNKfJTVAAAAE8 2603:3:6101:b8c0:: 55424 2a03:9800:10:1a0::2 7081 ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 20:28:12 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:28:07.215410 2026] [security2:error] [pid 9807:tid 9834] [client 2603:3:6101:b8c0:::51614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omniuscorp.com"] [uri "/api/.env"] [unique_id "ajBgV6iUdfrcq3QZnsBq5wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Anytech	2026-06-15 20:26:37 (3 days ago)	Blocked by Conn-Monitor: Automated bot activity	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:52:48 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:52:43.679101 2026] [security2:error] [pid 10933:tid 10933] [client 2603:3:6101:b8c0:::48078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dayspapass.com"] [uri "/.env"] [unique_id "ajBYC8ykG_1EiArVbXyljgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dklueh79	2026-06-15 18:48:59 (3 days ago)	Probe for vulnerabilities. Path attempted: /.env	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-15 18:31:41 (3 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 17:59:35 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:59:30.683935 2026] [security2:error] [pid 2391:tid 2391] [client 2603:3:6101:b8c0:::38554] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cinziallc.com"] [uri "/.env"] [unique_id "ajA9gr8jVxB6_CFRAlaCCgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-15 17:56:08 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:41:13 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:41:09.834615 2026] [security2:error] [pid 18406:tid 18406] [client 2603:3:6101:b8c0:::58582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iconflgc.com"] [uri "/.env"] [unique_id "ajA5NdgNGPizQXzaxx70XgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:08:18 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 2603:3:6101:b8c0:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:08:13.548233 2026] [security2:error] [pid 7706:tid 7706] [client 2603:3:6101:b8c0:::59798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fibroscopie.net"] [uri "/.env"] [unique_id "ajAjbUg9hI5Qr5rRea5ONgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.196

🇨🇦 85.217.149.28

🇸🇦 77.240.87.244

🇳🇱 45.156.128.129

🇫🇮 45.87.249.146

🇨🇳 14.103.123.232

🇺🇸 208.84.102.17

🇹🇭 203.172.139.110

🇧🇷 186.251.71.202

🇺🇸 107.174.86.81

🇻🇳 103.90.224.22

🇩🇪 94.134.109.223

🇬🇧 94.1.174.180

🇺🇸 66.228.53.174

🇸🇪 34.51.213.81

🇩🇪 31.40.192.65

🇧🇪 23.251.137.104

🇺🇸 20.65.195.113

🇮🇱 2a05:d025:668:3b01:45f:64d3:1f30:3dbd

🇰🇷 211.178.247.182