AbuseIPDB » 2602:fb54:68b::

2602:fb54:68b:: was found in our database!

This IP was reported 125 times. Confidence of Abuse is 84%: ?

84%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Advin Services LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206216
Domain Name	advinservices.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 2602:fb54:68b::

Whois 2602:fb54:68b::

IP Abuse Reports for 2602:fb54:68b:::

This IP address has been reported a total of 125 times from 56 distinct sources. 2602:fb54:68b:: was first reported on May 26th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
MatStef132	2025-06-28 06:30:00 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from SG. Action taken: CHALLENGE Protocol: HTT ... show moreTriggered Cloudflare WAF (firewallCustom) from SG. Action taken: CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /gdftps.php UA: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 show less	Bad Web Bot
cmbplf	2025-06-28 04:58:33 (2 weeks ago)	2.111 requests from abuseipdb.com blacklisted IP (11mos6d17h)	Brute-Force Bad Web Bot
mawan	2025-06-28 04:32:44 (2 weeks ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
betternews.app	2025-06-27 11:09:07 (2 weeks ago)	"a web request contained keyword ".php"; Suspicious URL: /cjfuns.php?encoded=shell"	Web Spam Blog Spam Brute-Force Bad Web Bot Web App Attack
Mangelot Hosting	2025-06-24 21:01:59 (3 weeks ago)	(PERMBLOCK) 2602:fb54:68b:: (Unknown) has had more than 4 temp blocks in the last 86400 secs; Ports: ... show more(PERMBLOCK) 2602:fb54:68b:: (Unknown) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
Hazzard	2025-06-24 20:43:44 (3 weeks ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted])	Bad Web Bot
S.O.B.A. Dev.	2025-06-24 15:36:09 (3 weeks ago)	Threat Blocked by BeeHive from (ASN:206216) (Network:ADVIN-AS) (Host:soba.dev) (Method:GET) (Protoco ... show moreThreat Blocked by BeeHive from (ASN:206216) (Network:ADVIN-AS) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2025-06-24T15:36:09Z) show less	Web Spam Brute-Force Web App Attack
antlac1	2025-06-24 14:41:33 (3 weeks ago)	crowdsecurity/http-bad-user-agent	Brute-Force Web App Attack
betternews.app	2025-06-24 08:17:25 (3 weeks ago)	"a web request contained keyword "wp-content"; Suspicious URL: /wp-content/lock1.php"	Web Spam Blog Spam Brute-Force Bad Web Bot Web App Attack
Mangelot Hosting	2025-06-24 03:33:51 (3 weeks ago)	(bad_bot) srv104 Bad Bot Detected: Moblie Safari 2602:fb54:68b:: (Unknown): 5 in the last 3600 secs; ... show more(bad_bot) srv104 Bad Bot Detected: Moblie Safari 2602:fb54:68b:: (Unknown): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
S.O.B.A. Dev.	2025-06-21 13:53:48 (3 weeks ago)	Web vulnerability scanning	Web Spam Brute-Force Web App Attack
antlac1	2025-06-21 12:32:33 (3 weeks ago)	crowdsecurity/http-bad-user-agent	Brute-Force Web App Attack
betternews.app	2025-06-21 06:43:19 (3 weeks ago)	"a web request contained keyword ".php"; Suspicious URL: /hplfuns.php"	Web Spam Blog Spam Brute-Force Bad Web Bot Web App Attack
oh.mg	2025-06-20 23:53:33 (3 weeks ago)	[Sat Jun 21 01:52:49.618722 2025] [security2:error] [pid 1816311:tid 1816313] [client 2602:fb54:68b: ... show more[Sat Jun 21 01:52:49.618722 2025] [security2:error] [pid 1816311:tid 1816313] [client 2602:fb54:68b:::49634] [client 2602:fb54:68b::] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "nei.lol"] [uri "/gdftps.php"] [unique_id "aFX0UXe5MJIXWsf6L-fNmgAAAEA"] [Sat Jun 21 01:53:32.739675 2025] [security2:error] [pid 299161:tid 299176] [client 2602:fb54:68b:::56356] [client 2602:fb54:68b::] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] ... show less	Bad Web Bot Web App Attack
Anonymous	2025-06-20 23:30:26 (3 weeks ago)	Attempted search for exploits and vulnerabilities detected by fail2ban noscript ...	Brute-Force Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩