JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:80d:1003::2c

2602:80d:1003::2c was found in our database!

This IP was reported 175 times. Confidence of Abuse is 47%: ?

47%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS398722
Hostname(s)	scanner-203.hk2.censys-scanner.com
Domain Name	censys.io
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:80d:1003::2c

Whois 2602:80d:1003::2c

IP Abuse Reports for 2602:80d:1003::2c:

This IP address has been reported a total of 175 times from 61 distinct sources. 2602:80d:1003::2c was first reported on April 23rd 2024, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 auridh	2026-06-07 01:12:55 (19 hours ago)	Ip 2602:80d:1003::2c performed 'crowdsecurity/http-bad-user-agent' (2 events over 6.90537785s) at 20 ... show more Ip 2602:80d:1003::2c performed 'crowdsecurity/http-bad-user-agent' (2 events over 6.90537785s) at 2026-06-07 01:12:21.152110317 +0000 UTC show less	Bad Web Bot Web App Attack
🇦🇺 Anytech	2026-06-05 12:09:40 (2 days ago)	Blocked by Conn-Monitor: Automated bot activity	Web App Attack
🇩🇪 4server	2026-06-03 18:04:09 (4 days ago)	[WedJun0320:04:02.7890882026][security2:error][pid2108207:tid2108355][client2602:80d:1003::2c:0]ModS ... show more [WedJun0320:04:02.7890882026][security2:error][pid2108207:tid2108355][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.sisuconsulting.net\"][uri\"/\"][unique_id\"aiBskifLBP4RmB54t8X-BwAAAJg\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 ecs.ge	2026-05-27 18:05:42 (1 week ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇦🇺 2000cn.com.au	2026-05-26 14:31:26 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 4server	2026-05-23 07:32:38 (2 weeks ago)	[SatMay2309:32:34.2775452026][security2:error][pid644552:tid644616][client2602:80d:1003::2c:0]ModSec ... show more [SatMay2309:32:34.2775452026][security2:error][pid644552:tid644616][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.acquaallaspina.ch\"][uri\"/\"][unique_id\"ahFYEiubtMAObd1HBMqw2AAAAIM\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 Dennis	2026-05-22 15:34:31 (2 weeks ago)	2602:80d:1003::2c has been banned for triggering http-bad-user-agent (2 events over 1.911193633s). T ... show more 2602:80d:1003::2c has been banned for triggering http-bad-user-agent (2 events over 1.911193633s). The user-agent Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) is not allowed. show less	Bad Web Bot
🇩🇪 4server	2026-05-21 15:01:37 (2 weeks ago)	[ThuMay2117:01:34.7771052026][security2:error][pid2132983:tid2133090][client2602:80d:1003::2c:0]ModS ... show more [ThuMay2117:01:34.7771052026][security2:error][pid2132983:tid2133090][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a01:4f8:212:1561::8\"][uri\"/\"][unique_id\"ag8eTvzecesutyMu8GKzzwAAANU\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 fds.io	2026-05-20 21:27:29 (2 weeks ago)	detected and blocked multiple http 400 bad-request attempts	Bad Web Bot Web App Attack
🇩🇪 4server	2026-05-20 06:06:16 (2 weeks ago)	[WedMay2008:06:09.8027722026][security2:error][pid4024755:tid4024792][client2602:80d:1003::2c:0]ModS ... show more [WedMay2008:06:09.8027722026][security2:error][pid4024755:tid4024792][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.grigorov.ch\"][uri\"/\"][unique_id\"ag1PUc29hkAFPoD6uOSe2gAAABU\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 enjoyably	2026-05-20 01:57:56 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 4server	2026-05-14 06:37:22 (3 weeks ago)	[ThuMay1408:37:18.2175982026][security2:error][pid2879728:tid2879815][client2602:80d:1003::2c:0]ModS ... show more [ThuMay1408:37:18.2175982026][security2:error][pid2879728:tid2879815][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.vivereintrentino.it\"][uri\"/\"][unique_id\"agVtnlq6YQ6F1d3FsR8gvwAAAMA\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-05-07 22:59:00 (4 weeks ago)	[FriMay0800:58:56.4277872026][security2:error][pid1034099:tid1034166][client2602:80d:1003::2c:0]ModS ... show more [FriMay0800:58:56.4277872026][security2:error][pid1034099:tid1034166][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.mgpublishing.ch\"][uri\"/\"][unique_id\"af0ZMGHm2gqRIXGgALxtzAAAAIY\"] show less	Port Scan Brute-Force Web App Attack
🇨🇭 4server	2026-05-05 12:52:10 (1 month ago)	[TueMay0514:52:04.3315262026][security2:error][pid2535051:tid2535320][client2602:80d:1003::2c:0]ModS ... show more [TueMay0514:52:04.3315262026][security2:error][pid2535051:tid2535320][client2602:80d:1003::2c:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.mondo-it.ch\"][uri\"/\"][unique_id\"afnn9G2dh5464GYU7yKa8wAAARc\"] show less	Hacking Web App Attack
🇦🇺 Anytech	2026-05-01 11:01:15 (1 month ago)	Blocked by Conn-Monitor: Automated bot activity	Web App Attack

Showing 1 to 15 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 137.184.174.170

🇰🇷 119.203.251.187

🇮🇳 117.200.81.111

🇺🇸 46.202.183.86

🇺🇸 20.169.87.124

🇺🇸 20.169.87.123

🇩🇪 212.132.108.200

🇳🇱 155.117.6.32

🇮🇩 103.219.73.193

🇨🇮 102.209.221.229

🇺🇸 47.42.131.93

🇺🇸 20.169.87.120

🇳🇱 176.65.148.229

🇨🇳 175.30.91.86

🇺🇸 138.68.4.170

🇺🇸 108.170.31.39

🇷🇴 92.118.39.62

🇱🇹 45.227.254.170

🇺🇸 20.169.87.119

🇺🇸 20.169.87.117