JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:80d:1003::1f

2602:80d:1003::1f was found in our database!

This IP was reported 169 times. Confidence of Abuse is 57%: ?

57%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398722
Hostname(s)	scanner-201.hk2.censys-scanner.com
Domain Name	censys.io
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:80d:1003::1f

Whois 2602:80d:1003::1f

IP Abuse Reports for 2602:80d:1003::1f:

This IP address has been reported a total of 169 times from 64 distinct sources. 2602:80d:1003::1f was first reported on April 22nd 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 technojoe99	2026-06-13 00:11:23 (3 days ago)	Vulnerable HTTP/1.0 from 2602:80d:1003::1f. x16x03x01x01tx01.	Bad Web Bot
🇩🇰 swrlly	2026-06-12 10:15:44 (3 days ago)	1 unauthorized webserver connection	Web App Attack
🇩🇪 SCHAPPY	2026-06-05 12:11:38 (1 week ago)	Malicious activity from IP detected: crowdsecurity/http-bad-user-agent.	Web App Attack Bad Web Bot
🇩🇪 fds.io	2026-06-04 18:40:46 (1 week ago)	detected and blocked multiple http 400 bad-request attempts	Bad Web Bot Web App Attack
🇩🇪 Dennis	2026-06-04 06:43:16 (1 week ago)	2602:80d:1003::1f has been banned for triggering http-bad-user-agent (2 events over 2.53862127s). Th ... show more 2602:80d:1003::1f has been banned for triggering http-bad-user-agent (2 events over 2.53862127s). The user-agent Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) is not allowed. show less	Bad Web Bot
🇩🇪 enjoyably	2026-05-30 21:26:16 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 Admins@FBN	2026-05-30 17:11:28 (2 weeks ago)	FW-PortScan: Traffic Blocked srcport=45042 dstport=443	Port Scan
🇨🇭 4server	2026-05-21 14:40:55 (3 weeks ago)	[ThuMay2116:40:49.8957732026][security2:error][pid127801:tid127825][client2602:80d:1003::1f:0]ModSec ... show more [ThuMay2116:40:49.8957732026][security2:error][pid127801:tid127825][client2602:80d:1003::1f:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a02:29b8:dc01:545::625:de4f\"][uri\"/\"][unique_id\"ag8ZcWPglRGp0uEDtIfk1wAAAJY\"] show less	Hacking Web App Attack
🇫🇮 kumiko	2026-05-17 00:40:36 (4 weeks ago)	[2026-05-17 03:40:35] Known bad bot [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.cens ... show more [2026-05-17 03:40:35] Known bad bot [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)] show less	Bad Web Bot Web App Attack
🇺🇸 Charlesiv	2026-05-15 00:25:51 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from HK. Action taken: BLOCK ASN: 398722 (Censys, Inc.) Pr ... show more Triggered Cloudflare WAF (firewallCustom) from HK. Action taken: BLOCK ASN: 398722 (Censys, Inc.) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-05-14T22:46:19Z Ray ID: 9fbd70363e2ca339 UA: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) show less	Bad Web Bot
🇺🇸 Charlesiv	2026-05-14 22:02:42 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from HK. Action taken: BLOCK ASN: 398722 (Censys, Inc.) Pr ... show more Triggered Cloudflare WAF (firewallCustom) from HK. Action taken: BLOCK ASN: 398722 (Censys, Inc.) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-05-14T22:01:56Z Ray ID: 9fbd2f2d0b894a5b UA: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) show less	Bad Web Bot
🇦🇺 2000cn.com.au	2026-05-14 20:34:49 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
Anonymous	2026-05-12 16:49:00 (1 month ago)		DNS Compromise DDoS Attack
🇦🇺 Anytech	2026-05-11 12:28:06 (1 month ago)	Blocked by Conn-Monitor: Automated bot activity	Web App Attack
🇩🇪 pscriptos	2026-05-10 13:31:13 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot

Showing 1 to 15 of 169 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.242

🇺🇸 147.185.132.172

🇳🇱 45.156.128.112

🇺🇸 205.210.31.96

🇿🇦 196.41.207.112

🇫🇷 176.134.48.201

🇹🇭 165.154.51.90

🇺🇸 146.88.240.181

🇰🇷 101.36.114.209

🇷🇴 80.94.92.19

🇺🇸 47.251.116.115

🇻🇳 14.191.22.180

🇹🇼 211.22.131.70

🇨🇴 200.118.62.49

🇨🇴 186.118.223.61

🇨🇳 180.76.243.197

🇰🇷 175.118.127.138

🇲🇽 131.196.254.101

🇨🇳 120.48.75.127

🇨🇳 112.86.225.122