This IP was reported 198 times. Confidence of
Abuse
is 57%: ?
57%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
198
times from
64 distinct
sources.
2602:80d:1004::39 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[WedJul0816:48:58.2922622026][security2:error][pid2856523:tid2856588][client2602:80d:1004::39:0]ModS ...
show more[WedJul0816:48:58.2922622026][security2:error][pid2856523:tid2856588][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a01:4f8:212:1561::8\"][uri\"/\"][unique_id\"ak5jWif-OwlZb_4H968fjwAAAIQ\"]
show less
[TueJul0712:01:37.6029582026][security2:error][pid1215430:tid1215481][client2602:80d:1004::39:0]ModS ...
show more[TueJul0712:01:37.6029582026][security2:error][pid1215430:tid1215481][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.feldenkraisticino.ch\"][uri\"/\"][unique_id\"akzOgdD-Wo4DaUBmGoioxAAAAEE\"]
show less
[SunJul0517:26:12.3491122026][security2:error][pid3455218:tid3455351][client2602:80d:1004::39:0]ModS ...
show more[SunJul0517:26:12.3491122026][security2:error][pid3455218:tid3455351][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a02:29b8:dc01:545::625:de4f\"][uri\"/\"][unique_id\"akp3lLLfjamyrvuEcfRfEgAAABQ\"]
show less
[WedJun2408:13:46.8674762026][security2:error][pid3880602:tid3880661][client2602:80d:1004::39:0]ModS ...
show more[WedJun2408:13:46.8674762026][security2:error][pid3880602:tid3880661][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.cbri.ch\"][uri\"/\"][unique_id\"ajt1mqsHzta1eT7iu07BUwAAAMQ\"]
show less
[MonJun2222:25:05.0426762026][security2:error][pid2175485:tid2175522][client2602:80d:1004::39:0]ModS ...
show more[MonJun2222:25:05.0426762026][security2:error][pid2175485:tid2175522][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.cst-ranghetti.ch\"][uri\"/\"][unique_id\"ajmaIWaCgaXBwkYHFGxeKAAAABY\"]
show less
[SatJun2022:36:35.7475242026][security2:error][pid3743230:tid3743243][client2602:80d:1004::39:0]ModS ...
show more[SatJun2022:36:35.7475242026][security2:error][pid3743230:tid3743243][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.monteco-suisse.ch\"][uri\"/\"][unique_id\"ajb509gLbX_PKmzQP6i4KwAAAIo\"]
show less
[SatJun1308:46:41.0836662026][security2:error][pid722144:tid722219][client2602:80d:1004::39:0]ModSec ...
show more[SatJun1308:46:41.0836662026][security2:error][pid722144:tid722219][client2602:80d:1004::39:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.lascalasagl.ch\"][uri\"/\"][unique_id\"aiz80deDsZtBNRh59VJ62gAAAIw\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
Scenarios: http-bad-user-agent
Total requests: 9
[12/Jun/2026:10:26:29 +0000] [Client: 2602:80d:1004 ...
show moreScenarios: http-bad-user-agent
Total requests: 9
[12/Jun/2026:10:26:29 +0000] [Client: 2602:80d:1004::39] GET [200] "/ HTTP/1.1" User-Agent: "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
[12/Jun/2026:10:26:32 +0000] [Client: 2602:80d:1004::39] PRI [400] "* HTTP/2.0" User-Agent: "-"
[12/Jun/2026:10:26:33 +0000] [Client: 2602:80d:1004::39] [400] "\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03l\xBF\xCC\x8DW\xA2" User-Agent: "-"
[12/Jun/2026:10:27:16 +0000] [Client: 2602:80d:1004::39] GET [200] "/robots.txt HTTP/1.1" User-Agent: "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
[12/Jun/2026:10:27:18 +0000] [Client: 2602:80d:1004::39] GET [200] "/favicon.ico HTTP/1.1" User-Agent: "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
[12/Jun/2026:10:27:18 +0000] [Client: 2602:80d:1004::39] [400] "\x16\x03\x01\x00\xEE\x01\x00\x00\xEA\x03\x03g\xED\xA2\xE3\xCDW\x5C\x98\x98\x80\x934\xA3\xD6\xE9\x81+n" User-Agent: "-"
show less
Web App Attack
Showing 1 to
15
of 198 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ