JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 57.129.41.153

57.129.41.153 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	OVH GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	vps-177d2b82.vps.ovh.net
Domain Name	ovh.net
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 57.129.41.153

Whois 57.129.41.153

IP Abuse Reports for 57.129.41.153:

This IP address has been reported a total of 7 times from 3 distinct sources. 57.129.41.153 was first reported on August 21st 2024, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2025-10-07 17:14:49 (7 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 nyuuzyou	2024-11-17 03:51:01 (1 year ago)	Intensive scraping: /web?s=%22Advanced%20Statistics%22%20%22Store%20and%20Manage%22%20%22Share%20the ... show more Intensive scraping: /web?s=%22Advanced%20Statistics%22%20%22Store%20and%20Manage%22%20%22Share%20them%20anytime%22%20%22Track%20each%20short%20URL%20from%20A%20to%20Z.%22&country=fi-fi&scraper=brave. User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:114.0) Gecko/20100101 Firefox/114.0. show less	Bad Web Bot
🇺🇸 TPI-Abuse	2024-10-16 02:55:16 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 15 22:55:13.081712 2024] [security2:error] [pid 11288:tid 11288] [client 57.129.41.153:60132] [client 57.129.41.153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.152.161.69 (+1 hits since last alert)\|nextlevelcharge.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nextlevelcharge.com"] [uri "/xmlrpc.php"] [unique_id "Zw8rEaHLnskdQc4yGEypeQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-23 01:19:15 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 21:19:08.790567 2024] [security2:error] [pid 15208:tid 15208] [client 57.129.41.153:39308] [client 57.129.41.153] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|puduspoems.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puduspoems.com"] [uri "/web/20140107222105/http:/wwp.icq.com/scripts/WWPMsg.dll"] [unique_id "ZsfjjJuvAqxXjwtWZiA8nwAAAAk"], referer: http://puduspoems.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-22 22:02:22 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 18:02:15.105331 2024] [security2:error] [pid 4562:tid 4562] [client 57.129.41.153:43592] [client 57.129.41.153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.152.176.135 (0+1 hits since last alert)\|www.victorvictor.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.victorvictor.biz"] [uri "/xmlrpc.php"] [unique_id "Zse1Z6nv_okYKdyLdWi-WwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-21 19:10:37 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 15:10:30.085147 2024] [security2:error] [pid 21656:tid 21656] [client 57.129.41.153:58206] [client 57.129.41.153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 128.127.105.184 (+1 hits since last alert)\|3beeze.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "3beeze.com"] [uri "/xmlrpc.php"] [unique_id "ZsY7plVIx89SNnJ37MJdsQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-21 14:58:54 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 57.129.41.153 (vps-e6adefa3.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 10:58:46.202360 2024] [security2:error] [pid 2146274:tid 2146384] [client 57.129.41.153:54956] [client 57.129.41.153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 79.142.76.244 (+1 hits since last alert)\|orthopedica.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "orthopedica.org"] [uri "/xmlrpc.php"] [unique_id "ZsYApl8AsU4176EztRMZZgAAAdg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c0e::12d

🇺🇸 192.3.218.12

🇺🇸 184.105.139.67

🇱🇹 141.98.11.83

🇨🇳 113.248.174.75

🇳🇱 45.148.10.147

🇺🇸 43.162.103.165

🇧🇯 41.223.251.9

🇵🇰 203.128.10.138

🇺🇸 147.185.132.19

🇰🇷 116.123.150.231

🇨🇳 112.48.16.186

🇧🇬 91.148.190.150

🇳🇱 45.148.10.141

🇳🇱 45.134.225.230

🇬🇧 35.203.211.62

🇮🇪 34.245.4.150

🇺🇸 3.145.4.88

🇳🇱 185.223.235.44

🇨🇦 178.93.200.121