JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.130.149.151

94.130.149.151 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 31%: ?

31%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.151.149.130.94.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.130.149.151

Whois 94.130.149.151

IP Abuse Reports for 94.130.149.151:

This IP address has been reported a total of 4 times from 4 distinct sources. 94.130.149.151 was first reported on June 11th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-11 10:41:02 (6 hours ago)	[ThuJun1112:41:00.1029162026][security2:error][pid1889266:tid1889413][client94.130.149.151:0]ModSecu ... show more [ThuJun1112:41:00.1029162026][security2:error][pid1889266:tid1889413][client94.130.149.151:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\\$\(\?:\\\\\\\\\(\(\?:\\\\\\\\\(.\\\\\\\\\$\\|.\\)\\\\\\\\\)\\|\\\\\\\\{.\\\\\\\\\}\)\\|[\<\>]\\\\\\\\$.\\\\\\\\\$\)\"atARGS:0.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"396\"][id\"393655\"][rev\"17\"][msg\"Atomicorp.comWAFRules:PossibleRemoteCommandExecution:UnixShellExpressionFound\"][data\"MatchedData:\${encodeuricomponent$string\(res$\)}307\`}\)_chunks:\$q2_formdata:{get:\$1:constructor:constructor}}}foundwithinARGS:0:{then:\$1:__proto__:thenstatus:resolved_modelreason:-1value:{then:\$b1337}_response:{_prefix:varres=$function\(${var_r=typeofrequire\!==undefined\?require:$process.mainmodule\?process.mainmodule.require.bind\(process.mainmodule$:$typeofglobalthis.require\!==undefined\?globalthis.require:null$\)return12899339148110000}\)throwobject.assign$newerror\(next_redirect${...\"][tag\"attack-rce\"] show less	Port Scan Brute-Force Web App Attack
🇮🇪 RoboSOC	2026-06-11 10:02:26 (7 hours ago)	React Server Components Remote Code Execution Vulnerability, PTR: static.151.149.130.94.clients.your ... show more React Server Components Remote Code Execution Vulnerability, PTR: static.151.149.130.94.clients.your-server.de. show less	Hacking
🇱🇻 garmtech.com	2026-06-11 05:08:42 (12 hours ago)	IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js ... show more IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js < 15.0.5/16.0.7 (CVE-2025-55182, CVE-2025-66478) show less	Hacking
🇸🇬 securejdprop	2026-06-11 02:20:21 (15 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ATTACK [PTsecurity ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ATTACK [PTsecurity] React Server Components RCE (CVE-2025-55182)). Ip 94.130.149.151 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-11 02:20:20.379822471 +0000 UTC show less	Hacking Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 80.66.83.141

🇨🇳 59.110.213.116

🇬🇧 35.203.210.102

🇬🇧 35.203.210.92

🇺🇸 3.144.72.196

🇨🇳 218.17.217.141

🇳🇱 206.223.236.181

🇧🇷 205.210.31.143

🇩🇪 195.179.230.95

🇬🇧 154.58.158.255

🇲🇽 148.230.144.90

🇨🇳 115.190.125.207

🇮🇩 103.154.231.122

🇧🇬 79.124.62.134

🇺🇸 64.62.156.95

🇨🇻 41.215.221.199

🇺🇸 34.174.118.50

🇲🇽 187.192.250.116

🇧🇷 177.128.51.192

🇧🇷 170.239.194.42