JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:80d:1000::63

2602:80d:1000::63 was found in our database!

This IP was reported 119 times. Confidence of Abuse is 0%: ?

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Unknown
ASN	Unknown
Domain Name	censys.com
Country	🇺🇸 United States of America
City	Ann Arbor, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:80d:1000::63

Whois 2602:80d:1000::63

IP Abuse Reports for 2602:80d:1000::63:

This IP address has been reported a total of 119 times from 46 distinct sources. 2602:80d:1000::63 was first reported on December 21st 2024, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LotPhantom	2025-09-11 07:44:19 (9 months ago)	2602:80d:1000::63 - - [11/Sep/2025:07:43:19 +0000] "GET / HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compat ... show more 2602:80d:1000::63 - - [11/Sep/2025:07:43:19 +0000] "GET / HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" "0" ... show less	Web App Attack
🇩🇰 swrlly	2025-09-09 14:33:03 (9 months ago)	attempted directly connecting to webserver using origin ip	Web App Attack
🇺🇸 technojoe99	2025-09-08 12:27:36 (9 months ago)	Exploit scan from 2602:80d:1000::63. GET /.well-known/security.txt HTTP/1.1.	Web App Attack
🇦🇺 afleventoffice.com.au	2025-09-04 05:59:54 (9 months ago)	\x16\x03\x01	Web App Attack
🇺🇸 Starburst SysOp Team	2025-09-01 09:05:44 (9 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇺🇸 LotPhantom	2025-08-30 21:47:16 (9 months ago)	2602:80d:1000::63 - - [30/Aug/2025:21:46:15 +0000] "GET / HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compat ... show more 2602:80d:1000::63 - - [30/Aug/2025:21:46:15 +0000] "GET / HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" "0" ... show less	Web App Attack
🇦🇺 Starburst SysOp Team	2025-08-30 09:14:27 (9 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-syd2-4)	Hacking Bad Web Bot
🇺🇸 xmission.com	2025-08-29 11:34:50 (9 months ago)	Blocked by UFW (TCP on 80) Source port: 43178 Packet length: 80 This report (for 2602:080d:1000:000 ... show more Blocked by UFW (TCP on 80) Source port: 43178 Packet length: 80 This report (for 2602:080d:1000:0000:0000:0000:0000:0063) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇦🇺 advena	2025-08-27 01:15:57 (9 months ago)	2602:80d:1000::63 (AS398324 CENSYS-ARIN-01) was intercepted at 2025-08-27T01:12:20Z after violating ... show more 2602:80d:1000::63 (AS398324 CENSYS-ARIN-01) was intercepted at 2025-08-27T01:12:20Z after violating WAF directive: dd85fad4506443cd840737a22a7a7a26. Pre-cautionary/corrective action applied: managed_challenge. show less	Web Spam Hacking Brute-Force Web App Attack
Anonymous	2025-08-26 23:46:10 (9 months ago)	$f2bV_matches	Brute-Force
🇩🇪 SpaceHost-Server	2025-08-26 22:46:57 (9 months ago)		Brute-Force Web App Attack
🇸🇬 Starburst SysOp Team	2025-08-26 14:48:28 (10 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-bom2-2)	Hacking Bad Web Bot
Anonymous	2025-08-26 11:54:21 (10 months ago)	[Tue Aug 26 13:53:56.576763 2025] [authz_core:error] [pid 12582] [client 2602:80d:1000::63:34276] AH ... show more [Tue Aug 26 13:53:56.576763 2025] [authz_core:error] [pid 12582] [client 2602:80d:1000::63:34276] AH01630: client denied by server configuration: /etc/httpd/htdocs [Tue Aug 26 13:54:13.834624 2025] [authz_core:error] [pid 12580] [client 2602:80d:1000::63:45852] AH01630: client denied by server configuration: /etc/httpd/htdocs [Tue Aug 26 13:54:20.728894 2025] [authz_core:error] [pid 15091] [client 2602:80d:1000::63:59812] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇺🇸 Starburst SysOp Team	2025-08-26 11:48:16 (10 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇸🇬 Starburst SysOp Team	2025-08-26 09:52:38 (10 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-sin2-2)	Hacking Bad Web Bot

Showing 1 to 15 of 119 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.135

🇧🇪 198.235.24.209

🇩🇪 164.90.233.161

🇫🇷 92.204.71.143

🇺🇸 74.94.234.151

🇳🇱 45.148.10.151

🇺🇸 44.94.130.93

🇮🇷 5.232.89.102

🇺🇸 216.25.89.106

🇨🇦 159.89.113.99

🇭🇰 152.32.252.233

🇮🇪 130.195.213.210

🇺🇸 44.203.28.196

🇩🇪 213.61.116.1

🇧🇷 201.63.223.141

🇳🇱 160.119.69.16

🇺🇸 147.185.132.180

🇩🇪 130.185.120.224

🇮🇩 103.154.231.122

🇺🇸 100.28.153.226