JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 51.120.6.176

51.120.6.176 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇴 Norway
City	Oslo, Oslo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 51.120.6.176

Whois 51.120.6.176

IP Abuse Reports for 51.120.6.176:

This IP address has been reported a total of 26 times from 22 distinct sources. 51.120.6.176 was first reported on November 7th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2024-11-26 16:07:09 (1 year ago)	Too many Status 40X (15)	Brute-Force Web App Attack
🇳🇱 rshict	2024-11-12 08:51:07 (1 year ago)	Hacking, Brute-Force, Web App Attack	Hacking Brute-Force Web App Attack
🇬🇧 Andrew	2024-11-10 17:29:51 (1 year ago)	Blocked by UFW (TCP on port 80). Source port: 54264 TTL: 107 Packet length: 52 TOS: 0x00 This repor ... show more Blocked by UFW (TCP on port 80). Source port: 54264 TTL: 107 Packet length: 52 TOS: 0x00 This report (for 51.120.6.176) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇸🇪 JCB	2024-11-10 09:43:00 (1 year ago)	51.120.6.176 - - [09/Nov/2024:17:50:22 +0200] "GET /config/.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 ( ... show more 51.120.6.176 - - [09/Nov/2024:17:50:22 +0200] "GET /config/.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/80.0.8421.0" 51.120.6.176 - - [09/Nov/2024:17:50:22 +0200] "GET /laravel/.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/92.0.6502.0" ... show less	Hacking Brute-Force Web App Attack
🇩🇪 guldkage	2024-11-10 02:41:34 (1 year ago)	Unauthorized connection attempt detected from IP address 51.120.6.176 to port 8443 (ger-03) [A]	Brute-Force Exploited Host
🇳🇱 subnetprotocol	2024-11-09 19:19:19 (1 year ago)	09/Nov/2024:20:19:18.385649 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 09/Nov/2024:20:19:18.385649 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 51.120.6.176] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "212.129.40.96"] [uri "/.env"] [unique_id "Zy-1tpbkr56SQYNj-Trp9wAACVc"] 09/Nov/2024:20:19:18.454502 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 51.120.6.176] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK ... show less	Hacking Web App Attack
🇫🇷 oonux.net	2024-11-09 19:16:01 (1 year ago)	RouterOS: Scanning detected TCP 51.120.6.176:49684 > x.x.x.x:443	Port Scan
🇳🇱 subnetprotocol	2024-11-09 16:28:14 (1 year ago)	09/Nov/2024:17:28:13.119943 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 09/Nov/2024:17:28:13.119943 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 51.120.6.176] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "51.159.22.164"] [uri "/.env"] [unique_id "Zy-Nne2iLJ7BXBv02f1v7gAACEc"] 09/Nov/2024:17:28:13.121595 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 51.120.6.176] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK ... show less	Hacking Web App Attack
🇫🇷 geeek	2024-11-09 16:05:45 (1 year ago)	Port scanning: 8080 TCP Blocked	Port Scan
🇫🇷 ParaBug	2024-11-09 15:57:58 (1 year ago)	51.120.6.176 - - [09/Nov/2024:16:57:58 +0100] "GET /.env HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Windows ... show more 51.120.6.176 - - [09/Nov/2024:16:57:58 +0100] "GET /.env HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/89.0.7772.0" ... show less	Phishing Brute-Force Web App Attack
Anonymous	2024-11-09 15:56:13 (1 year ago)	2024/11/09 16:56:11 [error] 20920#20920: 5638317 access forbidden by rule, client: 51.120.6.176, se ... show more 2024/11/09 16:56:11 [error] 20920#20920: 5638317 access forbidden by rule, client: 51.120.6.176, server: _, request: "GET /.env HTTP/1.1", host: "212.83.182.103" show less	Brute-Force Web App Attack
🇧🇷 hostseries	2024-11-09 03:06:36 (1 year ago)	Trigger: PS_LIMIT	Brute-Force
🇫🇷 GabrielJST	2024-11-08 22:30:22 (1 year ago)	Port Scan detected from 51.120.6.176 (NO/Norway/-).	Port Scan
🇳🇱 Study Bitcoin 🤗	2024-11-08 20:56:40 (1 year ago)	8 port probes: tcp/80 (http), tcp/443 (https), tcp/3000 (remoteware client), tcp/8080 (http), tcp/80 ... show more 8 port probes: tcp/80 (http), tcp/443 (https), tcp/3000 (remoteware client), tcp/8080 (http), tcp/8000 (http), tcp/8443, tcp/8888 (newsedge), tcp/5000 (upnp) [srv125] show less	Port Scan Brute-Force Bad Web Bot Web App Attack
🇺🇸 stypr	2024-11-08 20:52:52 (1 year ago)	Malicious activity detected on HTTP/HTTPS	Hacking Brute-Force Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.214.123.177

🇵🇰 103.191.118.186

🇨🇳 36.135.92.36

🇨🇳 180.184.176.94

🇦🇫 180.94.74.94

🇫🇮 147.185.133.182

🇫🇮 147.185.133.177

🇮🇳 103.182.166.241

🇫🇷 85.217.140.5

🇺🇸 52.21.227.35

🇺🇸 44.105.49.90

🇨🇦 4.206.92.183

🇩🇪 193.124.20.254

🇳🇱 193.39.208.26

🇯🇵 135.149.114.5

🇧🇩 123.200.4.29

🇨🇳 106.12.148.154

🇮🇹 84.17.58.5

🇺🇸 44.36.42.207

🇬🇧 35.203.210.179