JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 57.128.74.124

57.128.74.124 was found in our database!

This IP was reported 74 times. Confidence of Abuse is 55%: ?

55%

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	ns3227815.ip-57-128-74.eu
Domain Name	ovh.net
Country	🇫🇷 France
City	Strasbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 57.128.74.124

Whois 57.128.74.124

IP Abuse Reports for 57.128.74.124:

This IP address has been reported a total of 74 times from 53 distinct sources. 57.128.74.124 was first reported on January 31st 2023, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 pamircil	2026-06-05 19:01:44 (5 days ago)	🍯 WinnieThePooh Honeypot : GET request to '/api/v4/version' on (http/80)💀	SSH Brute-Force Hacking
🇺🇸 conrad10781	2026-05-30 09:43:05 (1 week ago)	nginx-4xx	Web App Attack
🇩🇪 Marcin Stepien	2026-05-30 06:03:13 (1 week ago)	Hit honeypot endpoint /.env. Automated scanner/bot detected.	Bad Web Bot Web App Attack
🇫🇷 sthoyer.de	2026-05-30 04:29:48 (1 week ago)	57.128.74.124 - - [30/May/2026:06:29:45 +0200] "GET /users/sign_in HTTP/1.1" 200 10286 "-" "Mozilla/ ... show more 57.128.74.124 - - [30/May/2026:06:29:45 +0200] "GET /users/sign_in HTTP/1.1" 200 10286 "-" "Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/ Firefox/3.6.2" 57.128.74.124 - - [30/May/2026:06:29:46 +0200] "GET /users/sign_in HTTP/1.1" 200 10286 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0" 57.128.74.124 - - [30/May/2026:06:29:46 +0200] "GET /users/sign_in HTTP/1.1" 200 10290 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/117.0" 57.128.74.124 - - [30/May/2026:06:29:47 +0200] "GET /users/sign_in HTTP/1.1" 200 12868 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36" 57.128.74.124 - - [30/May/2026:06:29:47 +0200] "GET /users/sign_in HTTP/1.1" 200 12872 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 kosada.com	2026-05-29 20:16:38 (1 week ago)	Web vulnerability probing: /oauth/token	Web App Attack
Anonymous	2026-05-29 18:14:13 (1 week ago)	Firewall trigger on MikroTik RB4011	Port Scan
🇩🇪 Lazentis	2026-05-29 04:03:53 (1 week ago)	Unauthorized access attempt to port 8080 (tcp)	Brute-Force SSH
🇺🇸 LSPCCU	2026-05-29 03:00:51 (1 week ago)	TSEC Honeypot Network report. Threat score: 74/100. Categories: Port Scan, Hacking, Brute-Force, Web ... show more TSEC Honeypot Network report. Threat score: 74/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: 57. show less	Port Scan Hacking Brute-Force Web App Attack SSH
🇳🇱 BIV	2026-05-29 00:21:04 (1 week ago)	Honeypot multi-source hit. Sources: tpot:Fatt,tpot:P0f,tpot:Suricata,tpot:Tanner. Ports: 80. Automat ... show more Honeypot multi-source hit. Sources: tpot:Fatt,tpot:P0f,tpot:Suricata,tpot:Tanner. Ports: 80. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-28 16:20:32 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 57.128.74.124 (ns3227815.ip-57-128-74.eu): 1 in ... show more (mod_security) mod_security (id:949110) triggered by 57.128.74.124 (ns3227815.ip-57-128-74.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 12:20:26.801378 2026] [security2:error] [pid 30586:tid 30586] [client 57.128.74.124:50602] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.euro-theatre.com"] [uri "/.env"] [unique_id "ahhrSj048poBBcl1e95h-QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 pamircil	2026-05-28 10:00:55 (2 weeks ago)	🍯 WinnieThePooh Honeypot : POST request to '/-/jira/login/oauth/access_token' on (http/80)💀	SSH Brute-Force Hacking
🇺🇸 xxkodedxx	2026-05-26 09:10:09 (2 weeks ago)	[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10 ... show more [Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost) Trigger: 1× edge-block in 10m window. Origin: FR / AS16276 OVH SAS Active: 09:09:15 UTC Volume: 1 HTTP req Probed: /.env Status mix: 444×1 Vhost fishing: teachme.ztx-lab.com UA: "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.01; Trident/5.0)" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇩🇪 Lazentis	2026-05-26 07:09:06 (2 weeks ago)	Unauthorized access attempt to port 8080 (tcp)	Brute-Force SSH
🇯🇵 KuhA	2026-05-13 08:20:41 (4 weeks ago)	GET /export/classroom-course-statistics?fileNames[]=../../../../../../../etc/passwd	Web App Attack
🇨🇳 ThreatBook.io	2026-05-13 01:31:28 (4 weeks ago)	ThreatBook Intelligence: cdn more details on http://threatbook.io/ip/57.128.74.124 2026-05-12 11:46: ... show more ThreatBook Intelligence: cdn more details on http://threatbook.io/ip/57.128.74.124 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html 2026-05-12 11:46:07 /manager/html show less	Web App Attack

Showing 1 to 15 of 74 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.182

🇵🇱 194.180.49.58

🇩🇪 167.94.146.39

🇮🇳 152.58.159.130

🇮🇳 117.247.82.240

🇮🇷 2.180.199.241

🇷🇴 2.57.121.112

🇺🇸 208.87.243.35

🇮🇩 202.58.75.173

🇧🇷 200.108.174.4

🇧🇷 189.113.47.155

🇳🇱 185.223.235.3

🇺🇸 162.216.150.230

🇺🇸 162.216.149.22

🇺🇸 134.195.107.87

🇺🇸 129.146.243.24

🇺🇸 107.172.160.130

🇨🇦 104.255.152.19

🇮🇩 103.165.231.174

🇭🇰 101.32.1.25