This IP was reported 39 times. Confidence of
Abuse
is 100%: ?
100%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
39
times from
17 distinct
sources.
2602:fb54:9dc:: was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
(mod_security) mod_security (id:210730) triggered by 2602:fb54:9dc:: (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2602:fb54:9dc:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:15:50.188247 2026] [security2:error] [pid 31038:tid 31038] [client 2602:fb54:9dc:::34248] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.lfrmtmorris.encoremtmorris.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.lfrmtmorris.encoremtmorris.com"] [uri "/wp-content/debug.log"] [unique_id "ai9SRrfX42C0752DLb0NdgAAAAA"]
show less
*Port Scan* detected from 2602:fb54:9dc:: (US/United States/Missouri/North Kansas City/-/[redacted]) ...
show more*Port Scan* detected from 2602:fb54:9dc:: (US/United States/Missouri/North Kansas City/-/[redacted]).
show less
(modsecurity) srv101 ModSecurity 2602:fb54:9dc:: (US/United States/-): 10 in the last 3600 secs; Por ...
show more(modsecurity) srv101 ModSecurity 2602:fb54:9dc:: (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
(mod_security) mod_security (id:210730) triggered by 2602:fb54:9dc:: (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2602:fb54:9dc:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 10:16:26.820659 2026] [security2:error] [pid 17288:tid 17288] [client 2602:fb54:9dc:::22946] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||helstone.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "helstone.com"] [uri "/wp-content/debug.log"] [unique_id "ai63uhT4t_6mA_ODIcaqPQAAAAQ"]
show less
(mod_security) mod_security (id:210730) triggered by 2602:fb54:9dc:: (Unknown): 1 in the last 300 se ...
show more(mod_security) mod_security (id:210730) triggered by 2602:fb54:9dc:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 09:33:51.803755 2026] [security2:error] [pid 7902:tid 7902] [client 2602:fb54:9dc:::41752] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.mickmashbir.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mickmashbir.com"] [uri "/wp-content/debug.log"] [unique_id "ai6tvy27gZRVwHVf2x5qHwAAAAY"]
show less