JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:80d:1003::29

2602:80d:1003::29 was found in our database!

This IP was reported 173 times. Confidence of Abuse is 49%: ?

49%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398722
Hostname(s)	scanner-203.hk2.censys-scanner.com
Domain Name	censys.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:80d:1003::29

Whois 2602:80d:1003::29

IP Abuse Reports for 2602:80d:1003::29:

This IP address has been reported a total of 173 times from 62 distinct sources. 2602:80d:1003::29 was first reported on April 22nd 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SCHAPPY	2026-06-12 21:45:49 (2 days ago)	Bad bot identified by user agent	Bad Web Bot
🇩🇪 ecs.ge	2026-06-12 10:41:28 (3 days ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇫🇮 kumiko	2026-06-07 18:51:16 (1 week ago)	[2026-06-07 21:51:15] Known bad bot [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.cens ... show more [2026-06-07 21:51:15] Known bad bot [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)] show less	Bad Web Bot Web App Attack
🇺🇸 abenage	2026-05-31 01:07:51 (2 weeks ago)	2602:80d:1003::29 - - [30/May/2026:19:07:50 -0600] "x16x03x01x01x08x01x00x01x04x03x03" 400 166 "-" " ... show more 2602:80d:1003::29 - - [30/May/2026:19:07:50 -0600] "x16x03x01x01x08x01x00x01x04x03x03" 400 166 "-" "-" show less	Port Scan Web App Attack
🇩🇪 filstal.org	2026-05-27 16:06:05 (2 weeks ago)	Automated security scan or exploit attempt detected by Fail2Ban	Bad Web Bot Web App Attack
🇺🇸 abenage	2026-05-27 15:37:33 (2 weeks ago)	2602:80d:1003::29 - - [27/May/2026:09:37:31 -0600] "x16x03x01x00xEEx01x00x00xEAx03x03~x85xDCxF1&xBF- ... show more 2602:80d:1003::29 - - [27/May/2026:09:37:31 -0600] "x16x03x01x00xEEx01x00x00xEAx03x03~x85xDCxF1&xBF-ax22xF0xC4xx82c)x94xE8Xx13fx9Cx8AxCErVx8Bx14.xB0xD2Tx95 FT$x1A6xB4x1BkxD9x05x04x05x7F?:xCERvxD2nxA3-gxBA" 400 166 "-" "-" show less	Port Scan Web App Attack
🇩🇪 4server	2026-05-27 00:53:41 (2 weeks ago)	[WedMay2702:53:36.8761902026][security2:error][pid2288105:tid2288135][client2602:80d:1003::29:0]ModS ... show more [WedMay2702:53:36.8761902026][security2:error][pid2288105:tid2288135][client2602:80d:1003::29:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b$\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.robertselitrenny.ch\"][uri\"/\"][unique_id\"ahZAkBoZZ4d37IieNBvEiAAAABM\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-05-25 03:37:53 (3 weeks ago)	[MonMay2505:37:47.5008852026][security2:error][pid3503413:tid3503529][client2602:80d:1003::29:0]ModS ... show more [MonMay2505:37:47.5008852026][security2:error][pid3503413:tid3503529][client2602:80d:1003::29:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b$\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.dgtime.ch\"][uri\"/\"][unique_id\"ahPECxemHZe9RQgtUXEiIAAAAQs\"] show less	Port Scan Brute-Force Web App Attack
🇦🇺 tekgnosis	2026-05-23 07:19:50 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 ecs.ge	2026-05-20 06:37:49 (3 weeks ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇩🇪 enjoyably	2026-05-20 02:35:20 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇦🇺 Anytech	2026-05-15 07:19:50 (1 month ago)	Blocked by Conn-Monitor: Automated bot activity	Web App Attack
🇦🇺 tekgnosis	2026-05-13 06:49:34 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 4server	2026-05-12 09:11:39 (1 month ago)	[TueMay1211:11:32.7373572026][security2:error][pid3989945:tid3989968][client2602:80d:1003::29:0]ModS ... show more [TueMay1211:11:32.7373572026][security2:error][pid3989945:tid3989968][client2602:80d:1003::29:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b$\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"scrspace.com\"][uri\"/images/favicon.ico\"][unique_id\"agLuxIZa6YsXJpEOyUlIgwAAAAw\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 fds.io	2026-05-11 15:00:11 (1 month ago)	detected and blocked multiple http 400 bad-request attempts	Bad Web Bot Web App Attack

Showing 1 to 15 of 173 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 217.219.67.90

🇬🇲 197.255.200.210

🇮🇳 103.178.75.254

🇳🇱 91.92.42.182

🇸🇬 47.237.3.70

🇦🇷 186.131.178.216

🇯🇴 176.29.171.40

🇺🇸 89.116.210.64

🇺🇸 66.132.172.237

🇸🇬 47.84.138.136

🇹🇭 45.194.70.254

🇸🇦 37.242.78.124

🇱🇻 37.233.85.71

🇦🇿 37.114.182.47

🇺🇸 34.16.218.17

🇺🇸 20.64.105.194

🇧🇷 191.53.9.94

🇲🇽 187.249.37.227

🇳🇱 176.65.139.232

🇿🇦 105.233.67.36