JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 2a04:52c0:130:1a76::1

2a04:52c0:130:1a76::1 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 34%: ?

34%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	The Infrastructure Group B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60404
Domain Name	theinfrastructure.group
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 2a04:52c0:130:1a76::1

Whois 2a04:52c0:130:1a76::1

IP Abuse Reports for 2a04:52c0:130:1a76::1:

This IP address has been reported a total of 145 times from 68 distinct sources. 2a04:52c0:130:1a76::1 was first reported on April 14th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-06-23 05:52:11 (1 week ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇬🇧 andypiper	2026-05-15 01:01:48 (1 month ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 4server	2026-05-15 00:13:43 (1 month ago)	[FriMay1502:13:36.2698372026][security2:error][pid4088144:tid4088224][client2a04:52c0:130:1a76::1:0] ... show more [FriMay1502:13:36.2698372026][security2:error][pid4088144:tid4088224][client2a04:52c0:130:1a76::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"allegraravizza.it\"][uri\"/.git/config\"][unique_id\"agZlMEihRUUJNkaGUmXqegAAAII\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 WellSpring	2026-05-10 20:13:43 (1 month ago)	git exposure on mcp.425.today/.git/config — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇩🇪 big-cloud.nl	2026-05-09 17:16:51 (1 month ago)	Try to access /.git/config	Web App Attack
🇳🇱 e.fierstra	2026-05-09 17:12:35 (1 month ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇳🇱 myip.foo	2026-05-09 15:57:22 (1 month ago)	[myip.foo] 2a04:52c0:130:1a76::1 - - [09/May/2026:15:57:20 +0000] "GET /.git/config HTTP/1.1" 404 15 ... show more [myip.foo] 2a04:52c0:130:1a76::1 - - [09/May/2026:15:57:20 +0000] "GET /.git/config HTTP/1.1" 404 150 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 ambor	2026-05-07 11:12:59 (1 month ago)	Honeypot triggered on tcpdata.com - Attempted to access /.git/config (git_probe). User-Agent: Mozill ... show more Honeypot triggered on tcpdata.com - Attempted to access /.git/config (git_probe). User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 show less	Web App Attack
🇦🇺 2000cn.com.au	2026-05-07 04:40:53 (1 month ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 4server	2026-05-06 15:41:13 (1 month ago)	[WedMay0617:41:10.0174902026][security2:error][pid3401929:tid3402007][client2a04:52c0:130:1a76::1:0] ... show more [WedMay0617:41:10.0174902026][security2:error][pid3401929:tid3402007][client2a04:52c0:130:1a76::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"laumeiconsulting.com\"][uri\"/.git/HEAD\"][unique_id\"afthFvw9TQ8PkspP6mgVVwAAAJA\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 Baking333	2026-05-06 15:13:45 (1 month ago)	[redacted] 2a04:52c0:130:1a76::1 - - [06/May/2026:16:13:43 +0100] "GET /.git/config HTTP/1.1" 302 53 ... show more [redacted] 2a04:52c0:130:1a76::1 - - [06/May/2026:16:13:43 +0100] "GET /.git/config HTTP/1.1" 302 5313 0/282216 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" [redacted] 2a04:52c0:130:1a76::1 - - [06/May/2026:16:13:43 +0100] "GET /.git/HEAD HTTP/1.1" 302 5313 0/310698 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" show less	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-05-05 22:39:57 (1 month ago)	Try to access /arrangementen/.git/config	Web App Attack
🇫🇷 pm33	2026-05-05 19:15:35 (1 month ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇩🇪 ghostwarriors	2026-05-05 13:20:03 (1 month ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
Anonymous	2026-05-05 13:08:29 (1 month ago)	Fail2Ban triggered	Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 212.100.184.27

🇺🇸 154.19.231.86

🇳🇱 87.215.10.6

🇫🇷 85.217.140.46

🇮🇪 52.169.217.131

🇫🇷 141.145.211.98

🇬🇭 41.204.63.118

🇮🇳 2406:da1a:daa:f400:1a74:6f7a:6399:f528

🇺🇸 199.127.60.187

🇳🇱 195.170.172.69

🇮🇶 195.7.8.46

🇧🇷 177.212.152.123

🇯🇵 172.253.236.148

🇺🇸 104.248.229.158

🇷🇴 92.118.39.71

🇳🇱 46.235.40.33

🇸🇬 168.144.97.213

🇮🇩 163.7.0.179

🇨🇳 114.132.99.120

🇩🇪 46.101.216.224