AbuseIPDB » 2620:96:e000::ca

2620:96:e000::ca was found in our database!

This IP was reported 164 times. Confidence of Abuse is 62%: ?

62%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Censys, Inc.
Usage Type	Commercial
ASN	AS398324
Hostname(s)	scanner-202.ch1.censys-scanner.com
Domain Name	censys.com
Country	United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 2620:96:e000::ca

Whois 2620:96:e000::ca

IP Abuse Reports for 2620:96:e000::ca:

This IP address has been reported a total of 164 times from 49 distinct sources. 2620:96:e000::ca was first reported on May 31st 2024, and the most recent report was 26 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
clapper	2025-06-19 05:46:41 (26 minutes ago)	(mod_security) mod_security (id:980001) triggered by 2620:96:e000::ca (Unknown): 3 in the last 3600 ... show more(mod_security) mod_security (id:980001) triggered by 2620:96:e000::ca (Unknown): 3 in the last 3600 secs; ID: LUC show less	Brute-Force Bad Web Bot
LotPhantom	2025-06-16 19:57:20 (2 days ago)	2620:96:e000::ca - - [16/Jun/2025:19:56:19 +0000] "GET /favicon.ico HTTP/1.1" 404 146 "-" "Mozilla/5 ... show more2620:96:e000::ca - - [16/Jun/2025:19:56:19 +0000] "GET /favicon.ico HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" "0" ... show less	Web App Attack
Anonymous	2025-06-15 10:11:07 (3 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
LotPhantom	2025-06-14 12:01:00 (4 days ago)	2620:96:e000::ca - - [14/Jun/2025:12:00:06 +0000] "GET /favicon.ico HTTP/1.1" 404 39 "http://donorap ... show more2620:96:e000::ca - - [14/Jun/2025:12:00:06 +0000] "GET /favicon.ico HTTP/1.1" 404 39 "http://donorapp-api.bridginggaps.tech/favicon.ico" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" "0" ... show less	Web App Attack
Campus France	2025-06-14 05:44:54 (5 days ago)	ca - - [14/Jun/2025	Web App Attack
vestibtech	2025-06-13 22:47:03 (5 days ago)	[Fri Jun 13 16:46:59.449918 2025] [authz_core:error] [pid 971793:tid 972090] [client 2620:96:e000::c ... show more[Fri Jun 13 16:46:59.449918 2025] [authz_core:error] [pid 971793:tid 972090] [client 2620:96:e000::ca:42834] AH01630: client denied by server configuration: /home/vestibte/public_html/0_site/ [Fri Jun 13 16:46:59.451955 2025] [authz_core:error] [pid 971793:tid 972090] [client 2620:96:e000::ca:42834] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php [Fri Jun 13 16:47:03.550302 2025] [authz_core:error] [pid 971793:tid 972046] [client 2620:96:e000::ca:33992] AH01630: client denied by server configuration: /home/vestibte/public_html/0_site/favicon.ico ... show less	Bad Web Bot
Anonymous	2025-06-11 20:47:39 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Bad Web Bot Web App Attack
Shouddy Tarano	2025-06-10 03:19:10 (1 week ago)	[Mon Jun 09 21:17:32.262616 2025] [authz_core:error] [pid 4125217:tid 140520139495168] [client 2620: ... show more[Mon Jun 09 21:17:32.262616 2025] [authz_core:error] [pid 4125217:tid 140520139495168] [client 2620:96:e000::ca:56908] AH01630: client denied by server configuration: /var/www/html/ [Mon Jun 09 21:17:32.264398 2025] [authz_core:error] [pid 4125217:tid 140520139495168] [client 2620:96:e000::ca:56908] AH01630: client denied by server configuration: /usr/share/httpd/noindex/index.html [Mon Jun 09 21:18:39.994494 2025] [authz_core:error] [pid 4125217:tid 140520697485056] [client 2620:96:e000::ca:49082] AH01630: client denied by server configuration: /var/www/html/favicon.ico [Mon Jun 09 21:19:01.510738 2025] [authz_core:error] [pid 4125217:tid 140520298891008] [client 2620:96:e000::ca:37964] AH01630: client denied by server configuration: /var/www/html/security.txt [Mon Jun 09 21:19:09.646841 2025] [authz_core:error] [pid 4125217:tid 140520672306944] [client 2620:96:e000::ca:53030] AH01630: client denied by server configuration: /var/www/html/favicon.ico ... show less	DDoS Attack Web Spam Brute-Force Web App Attack
kumiko	2025-06-07 18:51:04 (1 week ago)	[2025-06-07 21:51:03] Known bad bot [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.cens ... show more[2025-06-07 21:51:03] Known bad bot [Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)] show less	Bad Web Bot Web App Attack
netfactotum	2025-06-06 04:34:03 (1 week ago)		Hacking Web App Attack
SaltySoftworks	2025-06-02 13:25:47 (2 weeks ago)	User agent spoofing	Spoofing
vestibtech	2025-05-24 20:55:44 (3 weeks ago)	[Sat May 24 14:55:38.839511 2025] [authz_core:error] [pid 3175585:tid 3175827] [client 2620:96:e000: ... show more[Sat May 24 14:55:38.839511 2025] [authz_core:error] [pid 3175585:tid 3175827] [client 2620:96:e000::ca:33808] AH01630: client denied by server configuration: /home/vestibte/public_html/0_site/ [Sat May 24 14:55:38.842140 2025] [authz_core:error] [pid 3175585:tid 3175827] [client 2620:96:e000::ca:33808] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php [Sat May 24 14:55:43.616437 2025] [authz_core:error] [pid 3175585:tid 3175853] [client 2620:96:e000::ca:33960] AH01630: client denied by server configuration: /home/vestibte/public_html/0_site/favicon.ico ... show less	Bad Web Bot
MAGIC	2025-05-20 04:02:30 (4 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
HoneyPot-FrPri	2025-05-18 02:26:31 (1 month ago)	2620:96:e000::ca - - [18/May/2025:04:26:30 +0200] "PRI * HTTP/2.0" 400 157 "-" "-" ...	Bad Web Bot Web App Attack
Anonymous	2025-05-16 22:28:04 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Bad Web Bot Web App Attack

Showing 1 to 15 of 164 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

167.94.145.103

205.210.31.175

43.153.204.189

43.130.12.43

205.210.31.104

65.49.1.52

193.105.134.143

116.110.88.60

182.253.31.67

113.248.208.51

36.134.138.153

223.205.136.212

65.20.174.38

205.210.31.223

82.115.211.19

35.203.210.101

36.255.5.45

104.234.115.159

223.113.128.182

59.178.58.19