JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:8bc0:2:61b9::1

2a0b:8bc0:2:61b9::1 was found in our database!

This IP was reported 208 times. Confidence of Abuse is 39%: ?

39%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:8bc0:2:61b9::1

Whois 2a0b:8bc0:2:61b9::1

IP Abuse Reports for 2a0b:8bc0:2:61b9::1:

This IP address has been reported a total of 208 times from 91 distinct sources. 2a0b:8bc0:2:61b9::1 was first reported on April 16th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-06-22 05:25:06 (3 days ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇩🇪 ecs.ge	2026-05-11 07:22:32 (1 month ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇫🇷 dynamix	2026-05-05 16:11:39 (1 month ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Teufel100	2026-05-05 13:59:39 (1 month ago)	ModSecurity rejected a query'	Brute-Force Hacking Web App Attack
🇵🇱 sefinek.net	2026-05-05 10:42:58 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /.env.production \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 pinguin	2026-05-05 09:00:10 (1 month ago)	Triggered Cloudflare WAF (firewallManaged) from NL. Action taken: LOG Protocol: HTTP/1.1 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from NL. Action taken: LOG Protocol: HTTP/1.1 (GET method) Endpoint: /backend/.env UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 ecs.ge	2026-05-04 17:14:45 (1 month ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇩🇪 4server	2026-05-04 14:37:07 (1 month ago)	[MonMay0416:37:02.2862812026][security2:error][pid308299:tid308402][client2a0b:8bc0:2:61b9::1:0]ModS ... show more [MonMay0416:37:02.2862812026][security2:error][pid308299:tid308402][client2a0b:8bc0:2:61b9::1:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"shop.ponzellini.ch\"][uri\"/api/.env\"][unique_id\"afivDqdH0avj1OaI5njmRwAAAMk\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 dynamix	2026-05-04 11:39:07 (1 month ago)	Multiple WAF Violations	Web App Attack
🇫🇮 kumiko	2026-05-04 05:54:55 (1 month ago)	[2026-05-04 08:54:55] Probing for dotfiles "GET /backend/.env HTTP/1.1" 500	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-04 03:53:00 (1 month ago)	Try to access /.aws/credentials	Web App Attack
🇵🇱 sefinek.net	2026-05-04 01:22:22 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from NL. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from NL. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /.env.production \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 ciccio diddo	2026-05-03 22:04:43 (1 month ago)	CMS/WP Exploit multiple 404 port:Tcp/80,443	Brute-Force Web App Attack
🇫🇷 YF	2026-05-03 12:25:13 (1 month ago)	WordPress directory enumeration	Web App Attack
🇩🇪 SCHAPPY	2026-05-03 03:38:10 (1 month ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Web App Attack Hacking

Showing 1 to 15 of 208 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 144.124.192.254

🇩🇪 213.209.159.226

🇨🇴 191.95.130.31

🇪🇪 158.173.75.37

🇫🇮 147.185.133.123

🇮🇳 103.120.176.128

🇺🇸 208.109.191.140

🇺🇸 198.211.106.199

🇧🇷 187.86.96.93

🇸🇪 185.246.128.152

🇺🇸 185.180.141.12

🇦🇫 180.94.75.122

🇧🇷 167.250.216.57

🇺🇸 162.216.149.217

🇸🇪 155.4.244.179

🇰🇪 154.159.243.54

🇪🇸 82.223.49.127

🇺🇸 52.188.189.7

🇬🇧 35.203.210.246

🇧🇪 198.235.24.165