JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:8bc0:2:3bb6::1

2a0b:8bc0:2:3bb6::1 was found in our database!

This IP was reported 113 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:8bc0:2:3bb6::1

Whois 2a0b:8bc0:2:3bb6::1

IP Abuse Reports for 2a0b:8bc0:2:3bb6::1:

This IP address has been reported a total of 113 times from 48 distinct sources. 2a0b:8bc0:2:3bb6::1 was first reported on April 26th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-17 04:22:09 (3 days ago)	(y4) Failed scan -byebye- from 2a0b:8bc0:2:3bb6::1 (Unknown): (CF_ENABLE)	Hacking
🇳🇱 Mangelot Hosting	2026-06-16 14:56:13 (3 days ago)	(modsecurity) srv201 ModSecurity 2a0b:8bc0:2:3bb6::1 (NL/The Netherlands/-): 10 in the last 3600 sec ... show more (modsecurity) srv201 ModSecurity 2a0b:8bc0:2:3bb6::1 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
Anonymous	2026-06-16 04:07:01 (4 days ago)	Automated web scanner. Requested suspicious paths: /.aws/credentials, /.env, /.env.development, /.en ... show more Automated web scanner. Requested suspicious paths: /.aws/credentials, /.env, /.env.development, /.env.local, /.env.production. UTC: 2026-06-16 03:11:10. show less	Web App Attack
🇩🇪 SCHAPPY	2026-06-16 03:27:59 (4 days ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Web App Attack Hacking
🇫🇷 ELYAZ	2026-06-15 17:04:52 (4 days ago)	(y4) Failed scan -byebye- from 2a0b:8bc0:2:3bb6::1 (Unknown): (CF_ENABLE)	Hacking
🇳🇱 Site.eu	2026-06-15 09:30:19 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 Mangelot Hosting	2026-06-15 07:38:53 (5 days ago)	(modsecurity) srv102 ModSecurity 2a0b:8bc0:2:3bb6::1 (NL/The Netherlands/-): 10 in the last 3600 sec ... show more (modsecurity) srv102 ModSecurity 2a0b:8bc0:2:3bb6::1 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇨🇦 lakered	2026-06-15 06:47:18 (5 days ago)	Detectors: [NGINX] \| Reasons: Nginx: Default server trap hit \| Automated scan targeting an unauthori ... show more Detectors: [NGINX] \| Reasons: Nginx: Default server trap hit \| Automated scan targeting an unauthorized host or default server sinkhole \| Tech Evidence: JA4H: 898832603e02ab945aa03e8aa5811794, Minimal-Browser-Profile, Lazy-Header-Accept, Fake-Chrome-Desktop (No-CH), JA4: t13d1312h1 \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 \| ASN: 41608 (NextGenWebs, S.L.) show less	Port Scan Exploited Host Bad Web Bot
🇩🇪 4server	2026-06-15 05:54:42 (5 days ago)	[MonJun1507:54:38.3966242026][security2:error][pid3650296:tid3650299][client2a0b:8bc0:2:3bb6::1:0]Mo ... show more [MonJun1507:54:38.3966242026][security2:error][pid3650296:tid3650299][client2a0b:8bc0:2:3bb6::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"massimilianoparquet.ch\"][uri\"/.git/config\"][unique_id\"ai-TnoZ-XF-x1qSNvze7ewAAAIA\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-14 17:00:04 (5 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇫🇷 dynamix	2026-06-14 16:03:09 (5 days ago)	Multiple WAF Violations	Web App Attack
🇳🇱 e.fierstra	2026-06-14 10:27:54 (5 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-13 15:15:26 (6 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 2000cn.com.au	2026-06-13 14:50:35 (6 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
Anonymous	2026-06-13 14:43:11 (6 days ago)	2a0b:8bc0:2:3bb6::1 - - [13/Jun/2026:11:43:10 -0300] "GET /.git/HEAD HTTP/1.1" 301 169 "-" "Mozilla/ ... show more 2a0b:8bc0:2:3bb6::1 - - [13/Jun/2026:11:43:10 -0300] "GET /.git/HEAD HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host

Showing 1 to 15 of 113 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.155.92

🇩🇪 194.187.176.25

🇳🇱 176.65.149.236

🇸🇪 155.4.244.107

🇺🇸 153.66.83.3

🇫🇮 147.185.133.151

🇺🇸 104.234.208.39

🇺🇸 103.203.57.21

🇧🇾 93.84.97.4

🇩🇪 88.214.25.121

🇸🇬 85.203.21.227

🇱🇹 81.30.98.158

🇨🇳 61.136.165.202

🇷🇴 2.57.122.177

🇧🇷 205.210.31.240

🇧🇩 203.89.124.225

🇵🇾 181.123.62.210

🇭🇳 181.115.61.7

🇩🇪 167.94.146.54

🇮🇳 117.198.99.18