JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 57.151.128.130

57.151.128.130 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 85%: ?

85%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 57.151.128.130

Whois 57.151.128.130

IP Abuse Reports for 57.151.128.130:

This IP address has been reported a total of 30 times from 23 distinct sources. 57.151.128.130 was first reported on September 18th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-06 14:53:08 (4 days ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-06 14:52:25 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 57.151.128.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 57.151.128.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 10:52:20.878922 2026] [security2:error] [pid 466:tid 466] [client 57.151.128.130:59328] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.159"] [uri "/.git/HEAD"] [unique_id "aiQ0JKnXxuqHDH4QH-3lCwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-06-06 14:45:35 (4 days ago)	Honeypot hit: Empty payload (likely service probe); 2086 [1], 2083 [1], 2087 [1], 2082 [1] TCP Repor ... show more Honeypot hit: Empty payload (likely service probe); 2086 [1], 2083 [1], 2087 [1], 2082 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 RAP	2026-06-06 13:41:09 (4 days ago)	2026-06-06 13:41:09 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇳🇱 StopAbuse	2026-06-06 13:29:44 (4 days ago)	tcp/2087 tcp/443 tcp/80 tcp/8080 tcp/8443	Port Scan
🇺🇸 TPI-Abuse	2026-06-06 12:56:23 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 57.151.128.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 57.151.128.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:56:15.963577 2026] [security2:error] [pid 4671:tid 4671] [client 57.151.128.130:58991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.20"] [uri "/.git/HEAD"] [unique_id "aiQY7xmVPX7Eza-2nZKwXAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-06-06 12:20:07 (4 days ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
Anonymous	2026-06-06 12:05:14 (4 days ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/ ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0 show less	Web App Attack
🇫🇷 Flo Flo	2026-06-06 11:59:55 (4 days ago)	57.151.128.130 - - - [06/Jun/2026:13:59:55 +0200] "82.66.117.16" "GET /.git/HEAD HTTP/1.1" 444 0 "-" ... show more 57.151.128.130 - - - [06/Jun/2026:13:59:55 +0200] "82.66.117.16" "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 0.000 ... show less	Web App Attack
🇺🇸 drewf.ink	2026-06-01 03:08:07 (1 week ago)	[03:08] Port scanning. Port(s) scanned: TCP/8080	Port Scan
🇸🇪 donarev419	2026-06-01 02:41:40 (1 week ago)	Port scan detected on port 2082 (connection without data transfer)	Port Scan
🇩🇪 psauxit	2026-06-01 02:16:19 (1 week ago)	Fail2Ban - UFW port probing on unauthorized port	Port Scan
🇩🇪 ValtonTahiri	2026-06-01 02:07:59 (1 week ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=57.151.128.130; proto=TCP; source_port=64529; target_port=2087; flags=SYN show less	Port Scan
🇫🇷 zulzeen	2026-06-01 02:00:59 (1 week ago)	[distribamap-0] Blocked by SysWarden Firewall [BLOCK] (Web Attack)	Hacking Web App Attack
🇩🇪 iNetWorker	2026-06-01 01:37:28 (1 week ago)	trying to access non-authorized port	Port Scan

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.199.162.6

🇺🇸 193.37.33.152

🇺🇸 186.179.14.158

🇮🇶 185.166.25.150

🇺🇸 181.177.80.236

🇳🇱 45.198.224.21

🇺🇸 34.60.192.89

🇮🇷 193.93.169.213

🇺🇸 186.179.47.83

🇺🇸 186.179.39.24

🇺🇸 170.254.178.46

🇯🇵 118.193.61.170

🇻🇳 103.179.172.233

🇺🇸 73.183.74.177

🇮🇶 65.20.134.97

🇨🇳 61.147.209.31

🇭🇰 47.243.174.183

🇭🇰 45.142.154.98

🇺🇸 186.179.14.235

🇺🇸 186.179.14.199