JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 151.241.122.64

151.241.122.64 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 31%: ?

31%

ISP	FTS184 PIA PHASE3 - AMS/NY/NJ/LA/MIA/SYD
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	abuseradar.com
Country	🇺🇸 United States of America
City	Jersey City, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 151.241.122.64

Whois 151.241.122.64

IP Abuse Reports for 151.241.122.64:

This IP address has been reported a total of 24 times from 23 distinct sources. 151.241.122.64 was first reported on October 27th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 CELOS-SOC	2026-06-12 20:30:55 (1 day ago)	Multiple Unauthorized SSLVPN Login Attempts	Hacking Brute-Force
🇺🇸 cpxducky	2026-04-30 09:27:40 (1 month ago)	2026-04-30 09:27:40: Minecraft server scan detected from 151.241.122.64 on port 25565 of mail.cpxduc ... show more 2026-04-30 09:27:40: Minecraft server scan detected from 151.241.122.64 on port 25565 of mail.cpxducky.com show less	Port Scan
🇨🇳 ThreatBook.io	2026-04-16 23:17:55 (1 month ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/151.241.122.64 20 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/151.241.122.64 2026-04-16 08:13:31 / 2026-04-16 06:49:52 / show less	Web App Attack
Anonymous	2026-04-16 03:03:33 (1 month ago)	IP & Port Scan.	SSH Port Scan Brute-Force
🇺🇸 MPL	2026-04-15 17:37:14 (1 month ago)	tcp/80 (6 or more attempts)	Port Scan
🇩🇪 Honeypot-EU-Fru	2026-04-15 15:28:29 (1 month ago)	151.241.122.64 - - [redacted] [15/Apr/2026:17:28:28 +0200] "GET /app/.env HTTP/1.1" 404 188 "-" "Moz ... show more 151.241.122.64 - - [redacted] [15/Apr/2026:17:28:28 +0200] "GET /app/.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 0.000 - ... show less	Bad Web Bot Web App Attack
🇫🇮 oh.mg	2026-04-15 15:26:14 (1 month ago)	[Wed Apr 15 17:26:13.616444 2026] [security2:error] [pid 2315901:tid 2315922] [client 151.241.122.64 ... show more [Wed Apr 15 17:26:13.616444 2026] [security2:error] [pid 2315901:tid 2315922] [client 151.241.122.64:42639] [client 151.241.122.64] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "95.216.72.247"] [uri "/erp/.env"] [unique_id "ad-uFbr4NUQto87ochvovAAAAc0"] [Wed Apr 15 17:26:13.839623 2026] [security2:error] [pid 2315901:tid 2315930] [client 151.241.122.64:33281] [client 151.241.122.64] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev" ... show less	Web App Attack Bad Web Bot
🇺🇸 kosada.com	2026-04-15 15:23:06 (1 month ago)	Web vulnerability probing: /.aws/credentials (bogus vhost/SNI)	Web App Attack
🇨🇭 zynex	2026-04-15 15:14:31 (1 month ago)	URL Probing: /erp/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 15:13:28 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 151.241.122.64 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 151.241.122.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 11:13:22.100345 2026] [security2:error] [pid 3412042:tid 3412042] [client 151.241.122.64:56386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.250"] [uri "/api/.env"] [unique_id "ad-rEtVGjtXdpNyqStEM_AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-04-15 15:12:28 (1 month ago)	.env scanning [BY]	Web App Attack
🇦🇺 AWW-Admin	2026-04-15 15:05:14 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 151.241.122.64 (US/United States/-)	SQL Injection
🇺🇸 Gabriel Camargo	2026-04-15 14:53:11 (1 month ago)	151.241.122.64 - - [15/Apr/2026:09:53:10 -0500] "GET /.aws/credentials HTTP/1.1" 404 197 "-" "Mozill ... show more 151.241.122.64 - - [15/Apr/2026:09:53:10 -0500] "GET /.aws/credentials HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 151.241.122.64 - - [15/Apr/2026:09:53:10 -0500] "GET /erp/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" 151.241.122.64 - - [15/Apr/2026:09:53:10 -0500] "GET /backend/.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" ... show less	Brute-Force SSH
🇵🇱 tomkolp	2026-04-15 14:28:22 (1 month ago)	CrowdSec - Scenario: crowdsecurity/http-sensitive-files. Duration: 4h.	Port Scan Web App Attack
🇫🇷 breubit	2026-04-15 14:09:24 (1 month ago)	151.241.122.64 - - [15/Apr/2026:16:09:24 +0200] "GET /app/.env HTTP/1.1" 404 455 "-" "Mozilla/5.0 (W ... show more 151.241.122.64 - - [15/Apr/2026:16:09:24 +0200] "GET /app/.env HTTP/1.1" 404 455 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/122.0.0.0 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 173.239.240.72

🇮🇳 110.227.211.82

🇸🇬 47.82.48.131

🇳🇱 35.204.197.107

🇦🇺 34.151.164.108

🇮🇳 2401:4900:8811:66a0:ad46:80bc:6324:4c55

🇫🇷 185.177.72.16

🇷🇺 31.130.35.29

🇨🇳 223.109.252.144

🇰🇷 222.239.251.12

🇧🇷 45.160.138.242

🇿🇦 41.13.152.170

🇬🇧 35.242.130.194

🇸🇬 13.229.207.65

🇺🇸 2604:a880:400:d1:0:4:9639:4001

🇨🇱 186.10.86.130

🇺🇸 150.136.214.177

🇺🇸 138.197.204.198

🇻🇳 103.237.144.204

🇱🇹 45.227.254.170