JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:fed2:7e0a::d001

2602:fed2:7e0a::d001 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 13%: ?

13%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Free Range Cloud Hosting Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136557
Domain Name	freerangecloud.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:fed2:7e0a::d001

Whois 2602:fed2:7e0a::d001

IP Abuse Reports for 2602:fed2:7e0a::d001:

This IP address has been reported a total of 6 times from 4 distinct sources. 2602:fed2:7e0a::d001 was first reported on March 25th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇬 leithzz	2026-06-15 15:20:25 (2 days ago)	Report by Cloudflare.Time: 2026-06-15T15:15:08Z	DDoS Attack
🇫🇮 as211431.net	2026-06-08 06:01:21 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (HEAD method) Endpoint: /docs/llms-full.txt UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇭🇺 kranem	2026-03-31 12:00:24 (2 months ago)	Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 136557 (HOST-AS-AP Host Universal Pty Ltd ... show more Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 136557 (HOST-AS-AP Host Universal Pty Ltd) Protocol: HTTP/1.1 (HEAD method) Endpoint: /docs/llms.txt Timestamp: 2026-03-31T11:52:55Z User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 show less	Bad Web Bot
🇫🇮 as211431.net	2026-03-30 05:01:46 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (HEAD method) Endpoint: /.well-known/llms.txt UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-25 05:52:20 (2 months ago)	(mod_security) mod_security (id:211190) triggered by 2602:fed2:7e0a::d001 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:211190) triggered by 2602:fed2:7e0a::d001 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 01:52:14.072804 2026] [security2:error] [pid 14602:tid 14602] [client 2602:fed2:7e0a::d001:46932] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.assets.kanata.ws\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /fuel/pages/select/?filter=%27%2bpi(print(%24a%3d%27system%27))%2b%24a(%27cat%20/etc/passwd%27)%2b%27"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.assets.kanata.ws"] [uri "/fuel/pages/select/"] [unique_id "acN4DlrYN4swBbHAMDEQpwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 05:06:12 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 2602:fed2:7e0a::d001 (Unknown): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 2602:fed2:7e0a::d001 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 01:06:05.119117 2026] [security2:error] [pid 5569:tid 5569] [client 2602:fed2:7e0a::d001:7494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.vollmer.ws"] [uri "/.env"] [unique_id "acNtPWIW6OyHLguSSmvY5gAAACI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.182.10

🇭🇰 152.32.129.236

🇺🇸 107.5.104.74

🇿🇦 102.66.144.159

🇺🇸 2604:a940:300:5b6:0:23::

🇬🇧 193.163.125.127

🇺🇸 162.216.150.201

🇮🇳 152.59.80.199

🇮🇪 148.135.228.251

🇨🇳 120.48.53.174

🇮🇳 47.247.80.227

🇲🇲 45.112.44.186

🇺🇸 44.248.161.232

🇬🇧 35.203.210.117

🇧🇪 34.14.46.90

🇷🇺 31.173.0.26

🇰🇷 221.140.57.201

🇺🇸 205.210.31.55

🇳🇱 185.242.226.87

🇮🇶 185.166.25.150