JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a04:52c0:101:46a::

2a04:52c0:101:46a:: was found in our database!

This IP was reported 41 times. Confidence of Abuse is 11%: ?

11%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a04:52c0:101:46a::

Whois 2a04:52c0:101:46a::

IP Abuse Reports for 2a04:52c0:101:46a:::

This IP address has been reported a total of 41 times from 6 distinct sources. 2a04:52c0:101:46a:: was first reported on March 21st 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 10:26:51 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:26:39.820387 2026] [security2:error] [pid 6086:tid 6086] [client 2a04:52c0:101:46a:::50876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.srsrestoration.net"] [uri "/.git/config"] [unique_id "ajEk33Uq_hXJZARodES7ZAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-26 21:03:55 (1 month ago)	2026-04-26 08:00:47,468 fail2ban.actions [7718]: NOTICE [tor] Ban 2a04:52c0:101:46a:: 2026-0 ... show more 2026-04-26 08:00:47,468 fail2ban.actions [7718]: NOTICE [tor] Ban 2a04:52c0:101:46a:: 2026-04-26 12:01:37,893 fail2ban.actions [7718]: NOTICE [tor] Ban 2a04:52c0:101:46a:: 2026-04-26 18:01:35,527 fail2ban.actions [7718]: NOTICE [tor] Ban 2a04:52c0:101:46a:: 2026-04-26 21:01:33,022 fail2ban.actions [7718]: NOTICE [tor] Ban 2a04:52c0:101:46a:: 2026-04-27 00:03:54,431 fail2ban.actions [7718]: NOTICE [tor] Ban 2a04:52c0:101:46a:: show less	Brute-Force
🇮🇹 VHosting	2026-03-26 20:34:00 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-11 08:13:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 04:13:40.381969 2026] [security2:error] [pid 4897:tid 4897] [client 2a04:52c0:101:46a:::60942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.gurneysbottleshop.com"] [uri "/.git/config"] [unique_id "abEkNMvdWr5HysnizKOQtQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-25 21:14:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 16:14:53.526703 2026] [security2:error] [pid 9545:tid 9545] [client 2a04:52c0:101:46a:::48840] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.raaksystems.com"] [uri "/.git/config"] [unique_id "aXaHzcpJpX1O3casJGbhIQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-08 00:43:24 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 19:43:14.730253 2026] [security2:error] [pid 19769:tid 19769] [client 2a04:52c0:101:46a:::36632] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|rotentendales.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rotentendales.com"] [uri "/rotentenda.sql"] [unique_id "aV79or5U2h-0IZTXl-FWUQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 10:17:24 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 05:17:16.336803 2025] [security2:error] [pid 8401:tid 8401] [client 2a04:52c0:101:46a:::33550] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|propertysubscription.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "propertysubscription.com"] [uri "/back.sql"] [unique_id "aTqaLDA-OI_WgC1CFanEfAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 06:53:25 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 01:53:19.177448 2025] [security2:error] [pid 10341:tid 10381] [client 2a04:52c0:101:46a:::0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mindgardens.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mindgardens.com"] [uri "/backup_wp.sql"] [unique_id "aTfHX8Wrg3vzArt3D2VX-gAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 03:47:42 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 22:47:34.534155 2025] [security2:error] [pid 30938:tid 30938] [client 2a04:52c0:101:46a:::0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|abdulhameeds.art\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "abdulhameeds.art"] [uri "/abd.sql"] [unique_id "aTeb1ul_PEszr0AP3RsRTgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:17:39 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:17:30.466461 2025] [security2:error] [pid 19975:tid 19975] [client 2a04:52c0:101:46a:::55834] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thereisaplaceonearth.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thereisaplaceonearth.com"] [uri "/dump.sql"] [unique_id "aTKHCsZV-FDe-kV4PE823wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-19 09:45:19 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 19 04:45:11.296963 2025] [security2:error] [pid 865:tid 865] [client 2a04:52c0:101:46a:::47992] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|eta-mct.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eta-mct.com"] [uri "/weekly.sql"] [unique_id "aR2RpwNuxit06bkOrAIgPwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-20 05:03:32 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 20 01:03:22.760679 2025] [security2:error] [pid 21980:tid 21980] [client 2a04:52c0:101:46a:::37098] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "viszin.com"] [uri "/wp-config.phpb"] [unique_id "aPXCmpAQqisuD5ngUq20bQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-09 20:02:19 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 09 16:02:10.634613 2025] [security2:error] [pid 10939:tid 10939] [client 2a04:52c0:101:46a:::59882] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|rachelfia.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rachelfia.com"] [uri "/ia.sql"] [unique_id "aOgUwqcbg95LZdR3sqhHKwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-25 14:18:24 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 10:18:16.896177 2025] [security2:error] [pid 32278:tid 32278] [client 2a04:52c0:101:46a:::47594] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|arriagarealestate.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "arriagarealestate.com"] [uri "/arriagarealestat.sql"] [unique_id "aNVPKK8xUAoO3lOP91EQkQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-17 06:42:05 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 2a04:52c0:101:46a:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 17 02:41:55.933449 2025] [security2:error] [pid 16185:tid 16185] [client 2a04:52c0:101:46a:::42884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.washcountyfair.com"] [uri "/wp-config.php.uk"] [unique_id "aMpYM_IQHtkndfqanaSMSAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.36

🇳🇬 143.105.174.249

🇳🇱 45.148.10.147

🇺🇸 3.91.35.253

🇩🇪 185.220.101.165

🇳🇱 178.16.54.246

🇺🇸 162.216.149.140

🇰🇷 114.203.87.250

🇻🇳 103.106.104.25

🇮🇶 65.20.149.239

🇨🇳 42.233.178.7

🇪🇸 185.143.95.101

🇫🇮 178.20.210.208

🇩🇪 167.94.145.18

🇷🇴 80.94.92.167

🇪🇨 66.231.68.95

🇳🇱 45.153.34.235

🇺🇸 44.44.157.39

🇻🇳 14.225.206.187

🇹🇼 198.235.24.102