JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:fa59:10:2ef::1

2602:fa59:10:2ef::1 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 90%: ?

90%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	RouterHosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14956
Domain Name	cloudzy.com
Country	🇺🇸 United States of America
City	Salt Lake City, Utah

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:fa59:10:2ef::1

Whois 2602:fa59:10:2ef::1

IP Abuse Reports for 2602:fa59:10:2ef::1:

This IP address has been reported a total of 23 times from 17 distinct sources. 2602:fa59:10:2ef::1 was first reported on June 8th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 lindi	2026-06-12 23:20:25 (17 hours ago)	Probing for resource vulnerabilities ...	Web Spam Brute-Force Bad Web Bot Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-06-12 21:23:26 (19 hours ago)	(y3) Failed access -byebye- from 2602:fa59:10:2ef::1 (Unknown): (CF_ENABLE)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 16:49:57 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:2ef::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2602:fa59:10:2ef::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:49:49.137704 2026] [security2:error] [pid 20301:tid 20301] [client 2602:fa59:10:2ef::1:23542] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.steamheat.tech"] [uri "/.env"] [unique_id "aiw4rdFBwz7TLUVzNSereAAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 11:16:39 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:2ef::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2602:fa59:10:2ef::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:16:33.132423 2026] [security2:error] [pid 31454:tid 31454] [client 2602:fa59:10:2ef::1:31714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrobertsignaturehomes.com"] [uri "/.env"] [unique_id "aivqkbCxhIBm3IefS6LG6QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 juutis	2026-06-12 08:13:19 (1 day ago)	Multiple WAF abuses - IP blocked	Hacking Brute-Force Web App Attack
🇬🇧 foxxelabs	2026-06-12 06:02:23 (1 day ago)	Automated report from FoxxeLabs Sentinel. Path probed: /.env \| Project: taca \| Reason(s): Known expl ... show more Automated report from FoxxeLabs Sentinel. Path probed: /.env \| Project: taca \| Reason(s): Known exploit path: /.env; AbuseIPDB score: 75/100 \| User-Agent: Go-http-client/2.0 show less	Web App Attack
🇩🇪 betternews.app	2026-06-12 01:31:45 (1 day ago)	"a web request contained keyword ".env"; Suspicious URL: /.env"	Web Spam Blog Spam Brute-Force Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-06-12 00:06:02 (1 day ago)	HTTP vulnerability scanning	Web App Attack
🇩🇪 tall1oN	2026-06-11 23:47:40 (1 day ago)	2602:fa59:10:2ef::1 - - [12/Jun/2026:01:47:39 +0200] "GET /.env HTTP/2.0" 200 1684 "-" "Go-http-clie ... show more 2602:fa59:10:2ef::1 - - [12/Jun/2026:01:47:39 +0200] "GET /.env HTTP/2.0" 200 1684 "-" "Go-http-client/2.0" "exatek.de" 2602:fa59:10:2ef::1 - - [12/Jun/2026:01:47:40 +0200] "GET /.env HTTP/2.0" 200 1684 "http://exatek.de:80/.env" "Go-http-client/2.0" "exatek.de" ... show less	Web App Attack Port Scan Hacking
🇳🇱 e.fierstra	2026-06-11 21:34:16 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇦🇹 René Hickersberger	2026-06-11 19:01:50 (1 day ago)	malicious bot detected: violations="hit-honeypot"; user_agent="Go-http-client/2.0"	Web App Attack
🇫🇷 [email protected]	2026-06-11 13:25:54 (2 days ago)	PrestaShop Security Module: Suspicious path detected (/.git)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:43:40 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:2ef::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2602:fa59:10:2ef::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:43:33.163663 2026] [security2:error] [pid 6729:tid 6729] [client 2602:fa59:10:2ef::1:55054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.uhrmazhi.com.greighhouse.com"] [uri "/.env"] [unique_id "aiqfZdHVnwiJnA9f_H6k2wAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Kinsei Engineering Inc.	2026-06-11 11:42:08 (2 days ago)	2026/06/11 20:42:07 [error] 188062#188062: 43461 access forbidden by rule, client: 2602:fa59:10:2ef ... show more 2026/06/11 20:42:07 [error] 188062#188062: 43461 access forbidden by rule, client: 2602:fa59:10:2ef::1, server: www.kinsei.jp, request: "GET /.env HTTP/2.0", host: "www.kinsei.jp", referrer: "https://kinsei.jp/.env" 2026/06/11 20:42:07 [error] 188059#188059: 43462 access forbidden by rule, client: 2602:fa59:10:2ef::1, server: www.kinsei.jp, request: "GET /.env HTTP/2.0", host: "www.kinsei.jp", referrer: "https://kinsei.jp:443/.env" 2026/06/11 20:42:07 [error] 188062#188062: 43461 access forbidden by rule, client: 2602:fa59:10:2ef::1, server: www.kinsei.jp, request: "GET /.git/HEAD HTTP/2.0", host: "www.kinsei.jp", referrer: "https://kinsei.jp:443/.git/HEAD" show less	Brute-Force Web Spam
🇨🇦 Not Fake	2026-06-11 06:25:03 (2 days ago)	$f2bV_matches	Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 63.176.107.70

🇫🇷 37.59.110.4

🇺🇸 12.68.228.244

🇺🇸 162.216.150.159

🇫🇮 147.185.133.58

🇱🇰 124.43.6.160

🇮🇩 103.154.231.122

🇱🇻 91.105.20.128

🇺🇸 34.174.192.190

🇺🇸 34.16.165.91

🇩🇪 31.76.111.27

🇧🇷 2400:cb00:729:1000:dede:e4b5:35d9:84b7

🇻🇳 113.160.186.93

🇧🇬 91.92.199.36

🇨🇦 85.217.149.8

🇰🇿 2.134.138.49

🇮🇹 2a05:d01a:5b1:e202:ecd8:5cad:16df:78e6

🇫🇷 217.182.64.143

🇨🇴 190.107.24.68

🇲🇽 187.170.65.227