JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.12.180.125

130.12.180.125 was found in our database!

This IP was reported 49 times. Confidence of Abuse is 66%: ?

66%

ISP	Virtualine Technologies
Usage Type	Fixed Line ISP
ASN	AS202412
Domain Name	virtualine.org
Country	🇩🇪 Germany
City	Aachen, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.12.180.125

Whois 130.12.180.125

IP Abuse Reports for 130.12.180.125:

This IP address has been reported a total of 49 times from 31 distinct sources. 130.12.180.125 was first reported on May 7th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 BenTahily	2026-06-05 04:00:49 (2 weeks ago)	Persistent attacker against moaem.com. 70 malicious requests. Attack types: Git Exposure, Credential ... show more Persistent attacker against moaem.com. 70 malicious requests. Attack types: Git Exposure, Credential Theft, Config Theft. No ISP response after 72h. show less	Port Scan Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-06-03 04:02:18 (3 weeks ago)	130.12.180.125 - - [03/Jun/2026:07:02:16 +0300] "GET /.env HTTP/1.1" 404 3233 "-" "Mozilla/5.0 (Wind ... show more 130.12.180.125 - - [03/Jun/2026:07:02:16 +0300] "GET /.env HTTP/1.1" 404 3233 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" ... show less	Web App Attack
🇨🇦 1gz	2026-06-03 03:47:12 (3 weeks ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env.production UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 ✨	2026-06-03 01:02:13 (3 weeks ago)	Rule : Security IP in black list	Port Scan Hacking Brute-Force
🇩🇪 Ba-Yu	2026-06-02 23:04:46 (3 weeks ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 Savoie	2026-06-01 18:37:00 (3 weeks ago)	130.12.180.125 *.* - [01/Jun/2026:20:37:34 +0200] "GET /qei5xgyw6j9zX.notathing HTTP/1.1" 302 21 ... show more 130.12.180.125 *.* - [01/Jun/2026:20:37:34 +0200] "GET /qei5xgyw6j9zX.notathing HTTP/1.1" 302 212 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" AND : GET /.git-credentials HTTP/1.1 GET /.env.local HTTP/1.1 GET /.env.production HTTP/1.1 GET /.env.development HTTP/1.1 GET /.env.staging HTTP/1.1 etc. etc. etc. show less	Bad Web Bot Web App Attack
Anonymous	2026-06-01 05:45:10 (3 weeks ago)	(mod_security) mod_security triggered on hostname [redacted] 130.12.180.125 (-)	SQL Injection
🇧🇷 Halux	2026-05-31 18:52:02 (3 weeks ago)	130.12.180.125 Probing protected path or service	Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 14:36:59 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 130.12.180.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 130.12.180.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 10:36:54.205770 2026] [security2:error] [pid 32420:tid 32420] [client 130.12.180.125:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail-pmg.com"] [uri "/.git/config"] [unique_id "ahxHhlnChDbu9PLRm-iExgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-31 06:29:12 (3 weeks ago)	130.12.180.125 - - [31/May/2026:09:29:11 +0300] "GET /.env HTTP/1.1" 404 3229 "-" "Mozilla/5.0 (X11; ... show more 130.12.180.125 - - [31/May/2026:09:29:11 +0300] "GET /.env HTTP/1.1" 404 3229 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" ... show less	Web App Attack
Anonymous	2026-05-30 22:50:00 (3 weeks ago)	130.12.180.125 - - [31/May/2026:00:39:21 +0200] "GET /wp-config.php.save HTTP/1.1" 404 439 "-" "Mozi ... show more 130.12.180.125 - - [31/May/2026:00:39:21 +0200] "GET /wp-config.php.save HTTP/1.1" 404 439 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 130.12.180.125 - - [31/May/2026:00:39:21 +0200] "GET /wp-config.php.save HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 130.12.180.125 - - [31/May/2026:00:39:27 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 439 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 130.12.180.125 - - [31/May/2026:00:39:27 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0" 130.12.180.125 - - [31/May/2026:00:49:59 +0200] "GET /wp-config.php.save HTTP/1.1" 404 124 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" ... show less	Brute-Force Web App Attack
🇺🇸 mnsf	2026-05-30 02:06:39 (3 weeks ago)	Scanning/Probing (15)	Brute-Force Web App Attack
🇺🇸 helios.live	2026-05-30 01:43:40 (3 weeks ago)	2026/05/30 01:43:05 [error] 2408259#2408259: 1255598 access forbidden by rule, client: 130.12.180.1 ... show more 2026/05/30 01:43:05 [error] 2408259#2408259: 1255598 access forbidden by rule, client: 130.12.180.125, server: kocervpn.com, request: "GET /.git/config HTTP/1.1", host: "kocervpn.com" 2026/05/30 01:43:14 [error] 2408259#2408259: 1255598 access forbidden by rule, client: 130.12.180.125, server: kocervpn.com, request: "GET /.git/HEAD HTTP/1.1", host: "kocervpn.com" 2026/05/30 01:43:21 [error] 2408259#2408259: 1255598 access forbidden by rule, client: 130.12.180.125, server: kocervpn.com, request: "GET /.git-credentials HTTP/1.1", host: "kocervpn.com" 2026/05/30 01:43:29 [error] 2408259#2408259: 1255722 access forbidden by rule, client: 130.12.180.125, server: kocervpn.com, request: "GET /.git/logs/HEAD HTTP/1.1", host: "kocervpn.com" 2026/05/30 01:43:39 [error] 2408259#2408259: 1255722 access forbidden by rule, client: 130.12.180.125, server: kocervpn.com, request: "GET /.git/logs/refs/heads/main HTTP/1.1", host: "kocervpn.com" ... show less	Web App Attack
🇩🇪 ketovoila.pl	2026-05-29 20:04:40 (3 weeks ago)	ketovoila.pl web app secret/repository scan: hits=73; unique_paths=73; sample_paths=/.aws/credential ... show more ketovoila.pl web app secret/repository scan: hits=73; unique_paths=73; sample_paths=/.aws/credentials,/.env,/.env.backup; UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edg/121.0.0.0 Safari/537.36"; window=2026-05-29T20:04:40Z..2026-05-29T20:13:23Z show less	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-29 08:52:10 (3 weeks ago)	130.12.180.125 - - [29/May/2026:11:52:07 +0300] "GET /.env HTTP/1.1" 404 3239 "-" "Mozilla/5.0 (iPho ... show more 130.12.180.125 - - [29/May/2026:11:52:07 +0300] "GET /.env HTTP/1.1" 404 3239 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" ... show less	Web App Attack

Showing 1 to 15 of 49 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.56.45.212

🇨🇳 112.86.225.114

🇺🇸 104.243.38.235

🇭🇰 103.229.124.33

🇺🇸 91.230.168.20

🇩🇪 87.106.29.151

🇺🇸 66.146.234.127

🇳🇱 45.148.10.152

🇳🇱 45.148.10.147

🇺🇸 40.90.235.65

🇻🇳 27.79.40.38

🇺🇸 20.64.97.78

🇮🇹 2.239.100.17

🇵🇹 2.57.178.34

🇷🇴 2.57.121.112

🇬🇧 217.154.35.203

🇳🇱 185.93.89.167

🇳🇱 176.65.139.217

🇩🇪 151.243.11.37

🇨🇦 138.197.129.229