JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:fa59:10:acd::1

2602:fa59:10:acd::1 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 100%: ?

100%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	RouterHosting LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14956
Domain Name	cloudzy.com
Country	🇺🇸 United States of America
City	Salt Lake City, Utah

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:fa59:10:acd::1

Whois 2602:fa59:10:acd::1

IP Abuse Reports for 2602:fa59:10:acd::1:

This IP address has been reported a total of 70 times from 49 distinct sources. 2602:fa59:10:acd::1 was first reported on June 16th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Lezetho	2026-06-17 06:00:25 (3 hours ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇧🇷 Francisco Carlos	2026-06-16 14:14:00 (18 hours ago)	Honeypot captured 2 automated attack/scan requests (JR Save Tech). Types: git-leak. Sample: GET /.gi ... show more Honeypot captured 2 automated attack/scan requests (JR Save Tech). Types: git-leak. Sample: GET /.git/config show less	Bad Web Bot Web App Attack
🇩🇰 ScamAware	2026-06-16 12:12:50 (20 hours ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom. show less	Web App Attack
🇹🇭 thaizone.com	2026-06-16 11:55:49 (21 hours ago)	Brute Force Attack on a Web Resources (probe) #2	DDoS Attack Web Spam Brute-Force Web App Attack
🇫🇷 LRob.fr	2026-06-16 11:45:02 (21 hours ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-16 11:27:37 (21 hours ago)	(mod_security-custom) mod_security (id:210492) triggered by 2602:fa59:10:acd::1 (Unknown): 1 in the ... show more (mod_security-custom) mod_security (id:210492) triggered by 2602:fa59:10:acd::1 (Unknown): 1 in the last 3600 secs (0-srv1) show less	Hacking
🇩🇪 Teufel100	2026-06-16 10:32:07 (22 hours ago)	ModSecurity rejected a query	Brute-Force Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 09:50:47 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:acd::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2602:fa59:10:acd::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 05:50:40.483151 2026] [security2:error] [pid 14321:tid 14321] [client 2602:fa59:10:acd::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kcdusa.com"] [uri "/.git/config"] [unique_id "ajEccJWqubyZehj6Bi8RmwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 09:35:17 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 2602:fa59:10:acd::1 (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2602:fa59:10:acd::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 05:35:12.136867 2026] [security2:error] [pid 27948:tid 27948] [client 2602:fa59:10:acd::1:33362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web146.dnchosting.com"] [uri "/.git/config"] [unique_id "ajEY0Ip3EEGpL6dBZ4sB2QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 debaba	2026-06-16 09:07:39 (23 hours ago)	[16/Jun/2026:05:19:20.382387 +0000] ajDc2EgjpPKerCTT5-Z94gAAAEI 2602:fa59:10:acd::1 45328 127.0.0.1 ... show more [16/Jun/2026:05:19:20.382387 +0000] ajDc2EgjpPKerCTT5-Z94gAAAEI 2602:fa59:10:acd::1 45328 127.0.0.1 7081 [16/Jun/2026:06:08:10.705097 +0000] ajDoSjrvq ... show less	Brute-Force Web App Attack
🇹🇭 thaizone.com	2026-06-16 09:05:47 (1 day ago)	Brute Force Attack on a Web Resources (probe) #1	DDoS Attack Web Spam Brute-Force Web App Attack
🇵🇱 sefinek.net	2026-06-16 08:52:37 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /.git/config \| UA: Mozilla/5.0 (X11; Linux x86_64) • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 Starburst SysOp Team	2026-06-16 08:45:56 (1 day ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-stl2-14)	Hacking Web App Attack
🇩🇪 Ba-Yu	2026-06-16 08:35:27 (1 day ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 Bedios GmbH	2026-06-16 08:34:47 (1 day ago)	Login credentials theft attempt	Hacking

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.84.100.238

🇳🇱 193.176.31.254

🇷🇺 185.70.130.143

🇸🇪 171.25.158.47

🇮🇳 103.145.55.184

🇮🇳 103.145.55.182

🇮🇳 103.21.53.146

🇺🇸 100.29.192.44

🇬🇧 87.236.176.71

🇨🇦 69.49.112.72

🇸🇬 43.172.198.149

🇺🇦 37.221.145.52

🇺🇸 23.144.132.6

🇨🇳 14.103.115.25

🇺🇸 216.180.246.114

🇺🇸 216.25.89.142

🇩🇪 192.109.200.145

🇦🇷 190.244.39.224

🇮🇹 185.15.171.102

🇷🇺 178.209.88.166