JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 57.151.128.136

57.151.128.136 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 78%: ?

78%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 57.151.128.136

Whois 57.151.128.136

IP Abuse Reports for 57.151.128.136:

This IP address has been reported a total of 45 times from 36 distinct sources. 57.151.128.136 was first reported on September 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC-BR	2026-06-27 07:21:13 (1 day ago)	Attack detected by Fortinet - web_server: HTPasswd.Access - 2026-06-26 15:00:14 - Source Port 9213	Port Scan Hacking
🇩🇪 ValtonTahiri	2026-06-26 15:55:42 (2 days ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=57.151.128.136; proto=TCP; source_port=9883; target_port=8443; flags=ACK,RST show less	Port Scan
🇩🇪 Admins@FBN	2026-06-26 14:46:01 (2 days ago)	FW-PortScan: Traffic Blocked srcport=8271 dstport=2086	Port Scan
🇺🇸 TPI-Abuse	2026-06-26 14:20:48 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 57.151.128.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 57.151.128.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 10:20:44.016241 2026] [security2:error] [pid 2398:tid 2398] [client 57.151.128.136:8852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.194"] [uri "/.git/HEAD"] [unique_id "aj6KvGnI_JW7Qi6XMbhQvAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-06-26 13:39:00 (2 days ago)	[redacted] 57.151.128.136 - - [26/Jun/2026:14:38:57 +0100] "GET /.git/HEAD HTTP/1.1" 307 386 "-" "Mo ... show more [redacted] 57.151.128.136 - - [26/Jun/2026:14:38:57 +0100] "GET /.git/HEAD HTTP/1.1" 307 386 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" [redacted] 57.151.128.136 - - [26/Jun/2026:14:38:58 +0100] "GET /.git/config HTTP/1.1" 307 386 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" show less	Bad Web Bot Web App Attack
Anonymous	2026-06-26 13:13:43 (2 days ago)	Jun 26 09:13:42 localhost kernel: [110824891.362203] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 26 09:13:42 localhost kernel: [110824891.362203] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=57.151.128.136 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=45 ID=17565 DF PROTO=TCP SPT=9163 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 26 09:13:42 localhost kernel: [110824891.362225] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=57.151.128.136 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=45 ID=17565 DF PROTO=TCP SPT=9163 DPT=2083 SEQ=1034412822 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405A00402080A40F21329000000000103030A) Jun 26 09:13:42 localhost kernel: [110824891.362398] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=57.151.128.136 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=45 ID=23866 DF PROTO=TCP SPT=9190 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 26 09:13:42 localhost kernel: [110824891.368787] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0 show less	Port Scan
🇮🇪 AutosOnShow	2026-06-26 12:52:05 (2 days ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-26 12:51:20.237 \|	Web App Attack
🇺🇸 Ocean Ascents	2026-06-26 12:24:38 (2 days ago)	Probe for vulnerabilities. Path attempted: /wp-config.php	Web App Attack
Anonymous	2026-06-15 13:05:09 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-06-15 05:18:48 (1 week ago)		Web App Attack
🇩🇪 jasperedv.de	2026-06-15 05:12:23 (1 week ago)	Apache Login - Brutforcing	Web App Attack Brute-Force
🇫🇷 dynamix	2026-06-15 02:19:19 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-15 01:05:26 (1 week ago)	Scanning for web/db/file exploits on tpc-030.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-15 00:48:31 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-15 00:44:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 57.151.128.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 57.151.128.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:44:16.492051 2026] [security2:error] [pid 7924:tid 7924] [client 57.151.128.136:59072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.111"] [uri "/.env"] [unique_id "ai9K4HEiHyTpT4fZcRruSAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.48.253

🇧🇷 205.210.31.141

🇭🇰 152.32.129.236

🇨🇳 120.48.199.28

🇮🇩 103.52.16.98

🇬🇧 89.37.172.147

🇧🇬 79.124.62.126

🇨🇳 59.45.231.100

🇺🇸 20.168.6.15

🇺🇸 216.244.66.246

🇬🇧 193.163.125.254

🇨🇴 179.32.201.5

🇨🇦 172.97.134.151

🇿🇦 147.136.65.213

🇮🇹 95.236.205.122

🇯🇵 92.113.142.203

🇸🇪 83.177.240.110

🇸🇬 51.79.152.198

🇮🇳 45.123.110.70

🇪🇹 196.189.155.89