JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:8bc0:2:b562::1

2a0b:8bc0:2:b562::1 was found in our database!

This IP was reported 213 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:8bc0:2:b562::1

Whois 2a0b:8bc0:2:b562::1

IP Abuse Reports for 2a0b:8bc0:2:b562::1:

This IP address has been reported a total of 213 times from 96 distinct sources. 2a0b:8bc0:2:b562::1 was first reported on April 13th 2026, and the most recent report was 49 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 S.O.B.A. Dev.	2026-06-29 22:14:49 (49 minutes ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇺🇸 Sling	2026-06-29 19:12:01 (3 hours ago)	Automated detection: IP accessed 7 sensitive endpoints within 30s on slingexe.com. Paths: /.git/HEAD ... show more Automated detection: IP accessed 7 sensitive endpoints within 30s on slingexe.com. Paths: /.git/HEAD, /env, /.env, /.env.production, /config.json, /.aws/credentials, /.env.local. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36. show less	Web App Attack Bad Web Bot Hacking
🇺🇸 Sockets-AR	2026-06-29 17:55:33 (5 hours ago)	CrowdSec: sensitive file probing detected (crowdsecurity/http-sensitive-files) at 2026-06-29T17:55:3 ... show more CrowdSec: sensitive file probing detected (crowdsecurity/http-sensitive-files) at 2026-06-29T17:55:32.575Z show less	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-29 17:54:58 (5 hours ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇫🇷 Baking333	2026-06-29 14:29:25 (8 hours ago)	[redacted] 2a0b:8bc0:2:b562::1 - - [29/Jun/2026:15:29:23 +0100] "GET /.git/HEAD HTTP/1.1" 302 1554 0 ... show more [redacted] 2a0b:8bc0:2:b562::1 - - [29/Jun/2026:15:29:23 +0100] "GET /.git/HEAD HTTP/1.1" 302 1554 0/68793 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" [redacted] 2a0b:8bc0:2:b562::1 - - [29/Jun/2026:15:29:23 +0100] "GET /.env HTTP/1.1" 302 1554 0/59457 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" show less	Bad Web Bot Web App Attack
Anonymous	2026-06-29 11:54:24 (11 hours ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 webanyone	2026-06-29 11:45:39 (11 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
Anonymous	2026-06-29 10:12:20 (12 hours ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇺🇸 jsjdmediallc	2026-06-29 07:40:05 (15 hours ago)	Auto-blocked: score 104 (threshold 10). Tier: HIGH. Hits: 60. Flags: high-rate, xmlrpc, env-file, cr ... show more Auto-blocked: score 104 (threshold 10). Tier: HIGH. Hits: 60. Flags: high-rate, xmlrpc, env-file, credentials, aws-creds, git-exposure, git-config. Paths: /category/safety-and-security/page/3/, /category/safety-and-security/page/4/, /wp-json/wp/v2/categories/4, /2025/09/29/the-top-3-compliance-red-flags-in-2025-and-how-to-get-ahead-of-them/, /2025/04/10/access-granted-how-to-welcome-visitors-without-compromising-security/ show less	Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-29 05:46:21 (17 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇫🇷 Baking333	2026-06-29 00:46:52 (22 hours ago)	[redacted] 2a0b:8bc0:2:b562::1 - - [29/Jun/2026:01:46:49 +0100] "GET /.git/HEAD HTTP/1.1" 302 6768 0 ... show more [redacted] 2a0b:8bc0:2:b562::1 - - [29/Jun/2026:01:46:49 +0100] "GET /.git/HEAD HTTP/1.1" 302 6768 0/57140 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109" [redacted] 2a0b:8bc0:2:b562::1 - - [29/Jun/2026:01:46:50 +0100] "GET /.env HTTP/1.1" 302 6768 0/85729 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" show less	Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-28 20:15:05 (1 day ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 19:27:13 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2a0b:8bc0:2:b562::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:8bc0:2:b562::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 15:27:07.267705 2026] [security2:error] [pid 19668:tid 19668] [client 2a0b:8bc0:2:b562::1:55496] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "torresyrellenos.com"] [uri "/.git/HEAD"] [unique_id "akF1i8M4nnOSZdAsgnh4awAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-28 19:06:11 (1 day ago)	[SunJun2821:06:09.2909952026][security2:error][pid2015155:tid2015255][client2a0b:8bc0:2:b562::1:0]Mo ... show more [SunJun2821:06:09.2909952026][security2:error][pid2015155:tid2015255][client2a0b:8bc0:2:b562::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"traslocaresubito.ch\"][uri\"/.git/HEAD\"][unique_id\"akFwoQZVpj9ciaW-z6EJaQAAAJI\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-28 18:24:47 (1 day ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 213 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇳🇱 185.226.197.7

🇮🇳 122.166.250.202

🇳🇬 102.88.137.80

🇨🇳 221.228.203.3

🇸🇬 103.189.235.182

🇻🇳 103.75.183.57

🇨🇿 91.224.90.50

🇺🇸 68.225.61.18

🇺🇸 64.62.156.93

🇿🇦 41.173.43.34

🇨🇳 182.40.103.253

🇨🇦 167.114.156.169

🇨🇦 144.217.161.208

🇺🇸 66.175.212.77

🇨🇳 203.6.235.51

🇧🇷 200.131.5.202

🇹🇷 188.59.88.234

🇺🇸 128.203.203.4

🇮🇳 122.187.250.250