JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2602:80d:1003::33

2602:80d:1003::33 was found in our database!

This IP was reported 217 times. Confidence of Abuse is 43%: ?

43%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398722
Hostname(s)	scanner-205.hk2.censys-scanner.com
Domain Name	censys.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2602:80d:1003::33

Whois 2602:80d:1003::33

IP Abuse Reports for 2602:80d:1003::33:

This IP address has been reported a total of 217 times from 68 distinct sources. 2602:80d:1003::33 was first reported on January 31st 2024, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇭🇺 kranem	2026-06-26 18:02:11 (14 hours ago)	Triggered Cloudflare WAF from HK. Action taken: BLOCK ASN: 398722 (Censys, Inc.) Protocol: HTTP/1.1 ... show more Triggered Cloudflare WAF from HK. Action taken: BLOCK ASN: 398722 (Censys, Inc.) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-06-26T15:03:17Z User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) show less	Bad Web Bot
🇳🇿 realstuffie	2026-06-23 13:44:07 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇨🇭 4server	2026-06-23 10:08:38 (3 days ago)	[TueJun2312:08:34.8616652026][security2:error][pid1781956:tid1782117][client2602:80d:1003::33:0]ModS ... show more [TueJun2312:08:34.8616652026][security2:error][pid1781956:tid1782117][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.distributori-sigarette-ticino.ch\"][uri\"/\"][unique_id\"ajpbIn_NguyvmLUWD33B8AAAANU\"] show less	Hacking Web App Attack
🇨🇭 4server	2026-06-20 18:39:41 (6 days ago)	[SatJun2020:39:35.9428932026][security2:error][pid1102611:tid1102880][client2602:80d:1003::33:0]ModS ... show more [SatJun2020:39:35.9428932026][security2:error][pid1102611:tid1102880][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"hostingedominio.ch\"][uri\"/\"][unique_id\"ajbeZzEJ2O5RgrR45tspDQAAANI\"] show less	Hacking Web App Attack
🇺🇸 antlac1	2026-06-19 13:56:28 (1 week ago)	crowdsecurity/http-bad-user-agent	Brute-Force Web App Attack
🇩🇪 4server	2026-06-07 06:09:58 (2 weeks ago)	[SunJun0708:09:55.1019062026][security2:error][pid3416003:tid3416062][client2602:80d:1003::33:0]ModS ... show more [SunJun0708:09:55.1019062026][security2:error][pid3416003:tid3416062][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"titraslochi.ch\"][uri\"/\"][unique_id\"aiULMxo2vlnEK7eZ54cEhAAAAEE\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 filstal.org	2026-06-04 19:00:28 (3 weeks ago)	Bad bot activity detected (automated scraping/probing) UA: Mozilla/5.0 (compatible; CensysInspect/1. ... show more Bad bot activity detected (automated scraping/probing) UA: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) show less	Bad Web Bot Web App Attack
🇩🇪 enjoyably	2026-06-04 18:12:51 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 4server	2026-06-04 15:31:04 (3 weeks ago)	[ThuJun0417:30:58.0544322026][security2:error][pid3551427:tid3551569][client2602:80d:1003::33:0]ModS ... show more [ThuJun0417:30:58.0544322026][security2:error][pid3551427:tid3551569][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a01:4f8:212:1561::8\"][uri\"/\"][unique_id\"aiGaMuD0qCilmEkI5TLTXwAAAMg\"] show less	Port Scan Brute-Force Web App Attack
🇨🇭 4server	2026-06-01 14:23:38 (3 weeks ago)	[MonJun0116:23:20.5346202026][security2:error][pid1004940:tid1005162][client2602:80d:1003::33:0]ModS ... show more [MonJun0116:23:20.5346202026][security2:error][pid1004940:tid1005162][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a02:29b8:dc01:545::625:de4f\"][uri\"/\"][unique_id\"ah2V2G1qpOaDTpoZhfS3dgAAAMg\"] show less	Hacking Web App Attack
🇺🇸 oralunal	2026-05-31 23:05:57 (3 weeks ago)	IP banned by Fail2Ban in jail suss access.log ah-app-1 ...	Bad Web Bot Web App Attack
🇩🇪 Hagen Schoebel	2026-05-26 12:37:04 (1 month ago)	Blocked by CrowdSec - crowdsecurity/http-bad-user-agent (US)	Port Scan Brute-Force Web App Attack SSH
🇩🇪 4server	2026-05-25 03:44:59 (1 month ago)	[MonMay2505:44:52.4560302026][security2:error][pid3520535:tid3520626][client2602:80d:1003::33:0]ModS ... show more [MonMay2505:44:52.4560302026][security2:error][pid3520535:tid3520626][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"www.eselectronic.ch\"][uri\"/\"][unique_id\"ahPFtAMvdc-BBXFH7OurWQAAAMU\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-05-21 12:19:47 (1 month ago)	[ThuMay2114:19:42.1928152026][security2:error][pid1912024:tid1912119][client2602:80d:1003::33:0]ModS ... show more [ThuMay2114:19:42.1928152026][security2:error][pid1912024:tid1912119][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"mail.admin-services.ch\"][uri\"/\"][unique_id\"ag74XmU_RoArhUI-IHyeAQAAAMg\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-05-19 02:43:08 (1 month ago)	[TueMay1904:43:05.0775972026][security2:error][pid2161445:tid2161530][client2602:80d:1003::33:0]ModS ... show more [TueMay1904:43:05.0775972026][security2:error][pid2161445:tid2161530][client2602:80d:1003::33:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\bshodan\\\\\\\\b\\|\\\\\\\\bcensysinspect\\\\\\\\b\\|\\\\\\\\bcensys\\\\\\\\b\\|\\\\\\\\bexpanse\\\\\\\\b\\|\\\\\\\\bnetsystemsresearch\\\\\\\\b\\|\\\\\\\\bnetcraftsurveyagent\\\\\\\\b\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"73\"][id\"338801\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedinternet-widesurveyorUA\"][severity\"ERROR\"][hostname\"2a01:4f8:212:1561::8\"][uri\"/\"][unique_id\"agvOORMKkJEuED4648L7-QAAAJg\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 217 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 47.77.233.191

🇮🇳 182.95.228.106

🇫🇮 157.22.75.138

🇨🇳 115.151.72.155

🇺🇸 68.183.22.192

🇭🇰 65.181.88.245

🇲🇾 49.124.152.157

🇭🇰 45.142.154.10

🇬🇧 35.203.210.183

🇳🇱 185.223.235.43

🇳🇱 45.148.10.151

🇺🇸 45.146.55.158

🇰🇷 43.203.152.220

🇬🇧 35.203.210.219

🇩🇪 31.17.32.64

🇩🇪 13.140.25.94

🇭🇰 152.32.252.65

🇺🇸 138.229.96.0

🇩🇪 91.107.177.103

🇱🇻 81.30.98.158