JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:80d:1003::1d

2602:80d:1003::1d was found in our database!

This IP was reported 162 times. Confidence of Abuse is 34%: ?

34%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398722
Hostname(s)	scanner-201.hk2.censys-scanner.com
Domain Name	censys.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:80d:1003::1d

Whois 2602:80d:1003::1d

IP Abuse Reports for 2602:80d:1003::1d:

This IP address has been reported a total of 162 times from 66 distinct sources. 2602:80d:1003::1d was first reported on April 28th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-08 00:02:48 (3 days ago)	[MonJun0802:02:43.8215802026][security2:error][pid364755:tid364889][client2602:80d:1003::1d:0]ModSec ... show more [MonJun0802:02:43.8215802026][security2:error][pid364755:tid364889][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.serban.ch\"][uri\"/\"][unique_id\"aiYGo41kyemtNf6k_qc2uAAAARE\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 abenage	2026-05-31 12:20:09 (1 week ago)	2602:80d:1003::1d - - [31/May/2026:06:20:07 -0600] "x16x03x01x01x05x01x00x01x01x03x03xF6xC3x22,lxEEx ... show more 2602:80d:1003::1d - - [31/May/2026:06:20:07 -0600] "x16x03x01x01x05x01x00x01x01x03x03xF6xC3x22,lxEExFDXxE1xF3xE0xC6xE7}rx8FxA7x88x05xFFxFFx96xE8xFCx17}xF29>xE2xEC( UxB0TxBBKx1C:xAA&xBAx9Cx8BxA9xA0xA6x1CxD4x15qmxECoxDExFCxE8xD6gx941x8ExADex00&xCCxA8xCCxA9xC0/xC00xC0+xC0,xC0x13xC0x09xC0x14xC0" 400 166 "-" "-" show less	Port Scan Web App Attack
🇩🇪 4server	2026-05-29 19:54:06 (1 week ago)	[FriMay2921:54:03.3006902026][security2:error][pid2678376:tid2678451][client2602:80d:1003::1d:0]ModS ... show more [FriMay2921:54:03.3006902026][security2:error][pid2678376:tid2678451][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.restaurantgandria.ch\"][uri\"/wp-content/uploads/2015/07/cropped-comingsoon-1600-180x180.jpg\"][unique_id\"ahnu29Hwndmnyn9VY0CnzwAAAMI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 xmission.com	2026-05-27 16:40:26 (2 weeks ago)	Blocked by UFW (TCP on 80) Source port: 59288 Packet length: 80 This report (for 2602:080d:1003:000 ... show more Blocked by UFW (TCP on 80) Source port: 59288 Packet length: 80 This report (for 2602:080d:1003:0000:0000:0000:0000:001d) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 4server	2026-05-10 19:11:48 (1 month ago)	[SunMay1021:11:46.2444512026][security2:error][pid1393926:tid1394000][client2602:80d:1003::1d:0]ModS ... show more [SunMay1021:11:46.2444512026][security2:error][pid1393926:tid1394000][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a01:4f8:212:1561::8\"][uri\"/\"][unique_id\"agDYclNYTfqjMBAxFOri0QAAAIw\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 auridh	2026-05-08 01:47:08 (1 month ago)	Ip 2602:80d:1003::1d performed 'crowdsecurity/http-bad-user-agent' (2 events over 3.73477345s) at 20 ... show more Ip 2602:80d:1003::1d performed 'crowdsecurity/http-bad-user-agent' (2 events over 3.73477345s) at 2026-05-08 00:51:06.412764806 +0000 UTC show less	Bad Web Bot Web App Attack
🇨🇦 lakered	2026-05-07 14:54:13 (1 month ago)	Honeypot Lakered: unauthorized access (Pattern: Mozilla/5.0 (compatible; CensysInspect/1.1; +https:/ ... show more Honeypot Lakered: unauthorized access (Pattern: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)). IP automatically banned. show less	Port Scan
🇩🇪 4server	2026-05-04 19:18:53 (1 month ago)	[MonMay0421:18:49.7170122026][security2:error][pid600301:tid600382][client2602:80d:1003::1d:0]ModSec ... show more [MonMay0421:18:49.7170122026][security2:error][pid600301:tid600382][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.flyingberber.artisteer-italia.org\"][uri\"/\"][unique_id\"afjxGXzNgT8crCfOY4roHgAAAI8\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-05-04 04:04:21 (1 month ago)	Fail2Ban triggered	Web App Attack
🇩🇪 filstal.org	2026-05-03 10:14:37 (1 month ago)	Security scan or malicious bot activity detected by Fail2Ban	Bad Web Bot Web App Attack
🇩🇪 4server	2026-04-27 12:20:16 (1 month ago)	[MonApr2714:20:14.9627702026][security2:error][pid3448145:tid3448164][client2602:80d:1003::1d:0]ModS ... show more [MonApr2714:20:14.9627702026][security2:error][pid3448145:tid3448164][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"gualandi.ch\"][uri\"/\"][unique_id\"ae9UfpZP-zwAunKnMGhYCwAAAEI\"] show less	Port Scan Brute-Force Web App Attack
🇨🇭 4server	2026-04-23 20:45:08 (1 month ago)	[ThuApr2322:45:02.3819972026][security2:error][pid1001828:tid1001854][client2602:80d:1003::1d:0]ModS ... show more [ThuApr2322:45:02.3819972026][security2:error][pid1001828:tid1001854][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a02:29b8:dc01:545::625:de4f\"][uri\"/\"][unique_id\"aeqEzrtpNte8OeOemqC31gAAABg\"] show less	Hacking Web App Attack
🇩🇪 ketovoila.pl	2026-04-21 00:32:59 (1 month ago)	ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/; UA=Mozilla/5.0 (compatib ... show more ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/; UA=Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/); window=2026-04-21T00:13:55Z..2026-04-21T00:13:55Z show less	Port Scan Hacking Brute-Force
🇨🇭 4server	2026-04-18 14:44:16 (1 month ago)	[SatApr1816:44:09.4019432026][security2:error][pid3541579:tid3541587][client2602:80d:1003::1d:0]ModS ... show more [SatApr1816:44:09.4019432026][security2:error][pid3541579:tid3541587][client2602:80d:1003::1d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a02:29b8:dc01:545::625:de4f\"][uri\"/\"][unique_id\"aeOYuW8ebx8J3FBKyAEUSAAAAQY\"] show less	Hacking Web App Attack
🇩🇪 wupinyin	2026-04-17 07:42:24 (1 month ago)	CrowdSec ban: crowdsecurity/http-bad-user-agent	Web App Attack

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.190

🇦🇱 185.200.213.164

🇨🇳 180.168.24.186

🇸🇦 178.80.252.238

🇰🇪 102.209.155.199

🇸🇬 101.32.128.113

🇨🇦 89.251.0.234

🇺🇸 66.132.172.150

🇳🇱 45.148.10.183

🇨🇳 101.96.233.202

🇷🇺 95.81.116.134

🇨🇦 89.251.0.246

🇨🇦 89.251.0.242

🇨🇦 89.251.0.207

🇺🇸 35.238.222.136

🇧🇷 189.23.205.242

🇦🇷 186.148.224.183

🇳🇪 154.127.86.8

🇸🇬 152.32.218.149

🇺🇸 129.153.145.135