JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a0b:8bc0:2:e166::1

2a0b:8bc0:2:e166::1 was found in our database!

This IP was reported 210 times. Confidence of Abuse is 40%: ?

40%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a0b:8bc0:2:e166::1

Whois 2a0b:8bc0:2:e166::1

IP Abuse Reports for 2a0b:8bc0:2:e166::1:

This IP address has been reported a total of 210 times from 93 distinct sources. 2a0b:8bc0:2:e166::1 was first reported on April 15th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-06-23 05:52:11 (3 days ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇫🇷 dynamix	2026-05-05 10:39:39 (1 month ago)	Multiple WAF Violations	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-05 08:45:32 (1 month ago)	2a0b:8bc0:2:e166::1 - - [05/May/2026:11:45:31 +0300] "GET /.env HTTP/1.1" 404 709 "-" "Mozilla/5.0 ( ... show more 2a0b:8bc0:2:e166::1 - - [05/May/2026:11:45:31 +0300] "GET /.env HTTP/1.1" 404 709 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 2a0b:8bc0:2:e166::1 - - [05/May/2026:11:45:31 +0300] "GET /backend/.env HTTP/1.1" 404 709 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" ... show less	Web App Attack
🇺🇸 antlac1	2026-05-05 07:54:59 (1 month ago)	crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇫🇷 debaba	2026-05-05 06:07:41 (1 month ago)	[05/May/2026:06:07:40.980409 +0000] afmJLCkZ1v_-xUAMwleHhQAAAMs 2a0b:8bc0:2:e166::1 34632 127.0.0.1 ... show more [05/May/2026:06:07:40.980409 +0000] afmJLCkZ1v_-xUAMwleHhQAAAMs 2a0b:8bc0:2:e166::1 34632 127.0.0.1 7081 [05/May/2026:06:07:40.981670 +0000] afmJLPd7g ... show less	Brute-Force Web App Attack
🇳🇱 e.fierstra	2026-05-05 05:27:59 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2026-05-05 03:59:13 (1 month ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Web App Attack Hacking
🇩🇪 seal	2026-05-05 01:16:46 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	SSH Brute-Force
🇺🇸 WizardsToolkit	2026-05-05 00:20:16 (1 month ago)		Brute-Force
🇮🇳 Genhost	2026-05-04 23:18:12 (1 month ago)	SCANNING OF PHP SHELL FILES	Brute-Force SSH
🇩🇪 LRob.fr	2026-05-04 19:30:02 (1 month ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇩🇪 4server	2026-05-04 18:24:28 (1 month ago)	[MonMay0420:24:26.9969692026][security2:error][pid546279:tid546342][client2a0b:8bc0:2:e166::1:0]ModS ... show more [MonMay0420:24:26.9969692026][security2:error][pid546279:tid546342][client2a0b:8bc0:2:e166::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"albertiarnaldoluigi.ch\"][uri\"/.env.local\"][unique_id\"afjkWr0hgyZrQBhCdjwC-AAAAEo\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 dynamix	2026-05-04 05:56:33 (1 month ago)	Multiple WAF Violations	Web App Attack
🇳🇱 e.fierstra	2026-05-04 04:16:44 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇨🇦 SoteriaCovenant	2026-05-04 01:30:02 (1 month ago)	Automated probe: /.env on Soteria Global infrastructure. No vulnerable software present.	Web App Attack

Showing 1 to 15 of 210 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 209.85.128.101

🇩🇪 185.220.100.243

🇨🇳 180.167.128.203

🇨🇳 110.249.201.12

🇵🇱 74.248.24.188

🇸🇬 23.111.14.189

🇮🇳 4.213.38.49

🇮🇹 195.231.39.17

🇻🇳 180.93.43.95

🇮🇩 163.7.5.163

🇭🇰 150.5.154.160

🇺🇸 38.148.249.2

🇨🇭 20.203.180.35

🇨🇳 14.103.118.177

🇰🇷 222.96.44.234

🇨🇳 218.61.251.3

🇬🇧 213.171.208.62

🇺🇸 136.117.144.65

🇺🇸 66.132.195.15

🇳🇱 45.148.10.240