This IP was reported 99 times. Confidence of
Abuse
is 91%: ?
91%
Important Note: Public IPv6 addresses may implement the SLAAC
privacy extension. With this, the interface identifier is randomly generated. The SLAAC
privacy extension also implements a time out, which is configurable, so that the IPv6
interface addresses will be discarded and a new interface identifier is generated.
This IP address has been reported a total of
99
times from
38 distinct
sources.
2602:80d:1007::c2 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
[04/Jun/2026:02:52:34 +1000] "GET /login HTTP/1.1" 301 286 "Mozilla/5.0 (compatible; CensysInspect/1 ...
show more[04/Jun/2026:02:52:34 +1000] "GET /login HTTP/1.1" 301 286 "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
show less
[TueJun0207:16:27.3431462026][security2:error][pid3823075:tid3823155][client2602:80d:1007::c2:0]ModS ...
show more[TueJun0207:16:27.3431462026][security2:error][pid3823075:tid3823155][client2602:80d:1007::c2:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.pulispina.ch\"][uri\"/\"][unique_id\"ah5nK2VOtuHSJx7MmahX1wAAAI8\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent
[SatMay3008:26:49.7358962026][security2:error][pid3358447:tid3358592][client2602:80d:1007::c2:0]ModS ...
show more[SatMay3008:26:49.7358962026][security2:error][pid3358447:tid3358592][client2602:80d:1007::c2:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.safeoncloud.ch\"][uri\"/\"][unique_id\"ahqDKXW7cVl0ZG64H02MHQAAAMY\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
2026-05-29T15:36:21.397626+02:00 mx1 sshd-session[2892498]: Connection closed by 2602:80d:1007::c2 p ...
show more2026-05-29T15:36:21.397626+02:00 mx1 sshd-session[2892498]: Connection closed by 2602:80d:1007::c2 port 35648 [preauth]
show less
Blocked by CrowdSec | Scenario: crowdsecurity/http-bad-user-agent | 2602:80d:1007::c2 triggered 2 ev ...
show moreBlocked by CrowdSec | Scenario: crowdsecurity/http-bad-user-agent | 2602:80d:1007::c2 triggered 2 events | Detected: 2026-05-29T11:08:55.392502418Z
show less
2602:80d:1007::c2 has been banned for triggering http-bad-user-agent (2 events over 7.768956088s). T ...
show more2602:80d:1007::c2 has been banned for triggering http-bad-user-agent (2 events over 7.768956088s). The user-agent http_access-log is not allowed.
show less
[TueMay2616:16:50.7221822026][security2:error][pid1606991:tid1607108][client2602:80d:1007::c2:0]ModS ...
show more[TueMay2616:16:50.7221822026][security2:error][pid1606991:tid1607108][client2602:80d:1007::c2:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"wildpferde.ch\"][uri\"/\"][unique_id\"ahWrUoBFQDvhPLpKRyo8pQAAAJc\"]
show less
[FriMay2213:40:21.4628522026][security2:error][pid3504717:tid3504773][client2602:80d:1007::c2:0]ModS ...
show more[FriMay2213:40:21.4628522026][security2:error][pid3504717:tid3504773][client2602:80d:1007::c2:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\|\\\\\\\\bcensysinspect\\\\\\\\b\|\\\\\\\\bcensys\\\\\\\\b\|\\\\\\\\bexpanse\\\\\\\\b\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.grigorov.ch\"][uri\"/\"][unique_id\"ahBApXhpSg1f1ZT6qoKvmAAAAFQ\"]
show less