This IP was reported 207 times. Confidence of
Abuse
is 47%: ?
47%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
207
times from
61 distinct
sources.
2602:80d:1004::1f was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[TueJul0713:44:13.5805592026][security2:error][pid3807520:tid3807789][client2602:80d:1004::1f:0]ModS ...
show more[TueJul0713:44:13.5805592026][security2:error][pid3807520:tid3807789][client2602:80d:1004::1f:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.hostingedominio.ch\"][uri\"/\"][unique_id\"akzmjVC0m9LzdIAw6lXMZgAAAYg\"]
show less
[SatJul0417:09:51.7591042026][security2:error][pid1656309:tid1656328][client2602:80d:1004::1f:0]ModS ...
show more[SatJul0417:09:51.7591042026][security2:error][pid1656309:tid1656328][client2602:80d:1004::1f:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a01:4f8:212:1561::8\"][uri\"/\"][unique_id\"akkiP4P6_GSgXCmTNrhVcAAAAAg\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent
[TueJun3003:50:35.5081012026][security2:error][pid3767082:tid3767190][client2602:80d:1004::1f:0]ModS ...
show more[TueJun3003:50:35.5081012026][security2:error][pid3767082:tid3767190][client2602:80d:1004::1f:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.cst-ranghetti.ch\"][uri\"/\"][unique_id\"akMg6-MUXnaiMubnoimn3wAAARM\"]
show less
CrowdSec: Ip 2602:80d:1004::1f performed 'crowdsecurity/http-bad-user-agent' (2 events over 1.293227 ...
show moreCrowdSec: Ip 2602:80d:1004::1f performed 'crowdsecurity/http-bad-user-agent' (2 events over 1.29322745s) at 2026-06-20 21:03:34.798936762 +0000 UTC (scenario: crowdsecurity/http-bad-user-agent)
show less
CrowdSec: Ip 2602:80d:1004::1f performed 'crowdsecurity/http-bad-user-agent' (2 events over 6.017622 ...
show moreCrowdSec: Ip 2602:80d:1004::1f performed 'crowdsecurity/http-bad-user-agent' (2 events over 6.017622176s) at 2026-06-20 09:37:51.659265505 +0000 UTC (scenario: crowdsecurity/http-bad-user-agent)
show less
[MonJun1514:05:58.7215602026][security2:error][pid72772:tid72932][client2602:80d:1004::1f:0]ModSecur ...
show more[MonJun1514:05:58.7215602026][security2:error][pid72772:tid72932][client2602:80d:1004::1f:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.cst-ranghetti.ch\"][uri\"/\"][unique_id\"ai_qpjVzCSaofMNQw-JQ7QAAANg\"]
show less
[ThuJun1100:27:49.7230362026][security2:error][pid110088:tid110351][client2602:80d:1004::1f:0]ModSec ...
show more[ThuJun1100:27:49.7230362026][security2:error][pid110088:tid110351][client2602:80d:1004::1f:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"swiss-web-hosting.com\"][uri\"/\"][unique_id\"aink5T2M-dZ2kcyB9lp7tAAAAMA\"]
show less
2602:80d:1004::1f has been banned for triggering http-bad-user-agent (2 events over 3.487909763s). T ...
show more2602:80d:1004::1f has been banned for triggering http-bad-user-agent (2 events over 3.487909763s). The user-agent Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) is not allowed.
show less