JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.131.237.129

130.131.237.129 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 65%: ?

65%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.131.237.129

Whois 130.131.237.129

IP Abuse Reports for 130.131.237.129:

This IP address has been reported a total of 26 times from 20 distinct sources. 130.131.237.129 was first reported on March 16th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 Wepted	2026-06-08 07:18:30 (3 hours ago)	Port scan detected by honeypot	Port Scan Hacking
🇹🇷 Domainhizmetleri.com	2026-06-08 06:55:45 (3 hours ago)	[honeypot] - MS-SQL-PROBE	Port Scan Hacking
Anonymous	2026-06-08 06:30:54 (4 hours ago)	Jun 8 02:30:53 localhost kernel: [109245559.010532] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 8 02:30:53 localhost kernel: [109245559.010532] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=130.131.237.129 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=46 ID=44257 DF PROTO=TCP SPT=53781 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 8 02:30:53 localhost kernel: [109245559.010550] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=130.131.237.129 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=46 ID=44257 DF PROTO=TCP SPT=53781 DPT=2083 SEQ=619140241 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405A00402080A8BCF2089000000000103030A) Jun 8 02:30:53 localhost kernel: [109245559.019969] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=130.131.237.129 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=46 ID=18990 DF PROTO=TCP SPT=53781 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 8 02:30:53 localhost kernel: [109245559.019975] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c: show less	Port Scan
🇩🇪 ITSNF	2026-06-08 06:00:13 (4 hours ago)	Blocked by os-abuseipdb; 8 hits, proto=tcp, ports=2082,2083,2086,2087,443,80,8080,8443	Port Scan Hacking
🇧🇾 lns.bz	2026-06-08 05:52:18 (5 hours ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 mnsf	2026-06-08 05:07:35 (5 hours ago)	Abuse Detected (7)	Brute-Force Web App Attack
🇬🇧 sandra361	2026-06-08 04:56:01 (5 hours ago)	Port scan detected: 7 attempts across 7 ports (2082,2083,2086,443,80,8080,8443). \| Evidence: GHOST_S ... show more Port scan detected: 7 attempts across 7 ports (2082,2083,2086,443,80,8080,8443). \| Evidence: GHOST_SCAN:IN=enp1s0f0 OUT= SRC=130.131.237.129 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=56129 DF PROTO=TCP SPT=54570 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 Lazentis	2026-06-08 04:27:06 (6 hours ago)	Unauthorized access attempt to port 8080 (tcp)	Brute-Force SSH
🇺🇸 KitsuneTech	2026-06-08 04:21:39 (6 hours ago)	130.131.237.129 - - [07/Jun/2026:23:21:38 -0500] "GET /wp-config.php HTTP/1.1" 301 244 "-" "Mozilla/ ... show more 130.131.237.129 - - [07/Jun/2026:23:21:38 -0500] "GET /wp-config.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-13 22:03:15 (1 month ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-04-12. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-04-12 22:02:54 (1 month ago)	Auto-ban: >3000 req/min op 2026-04-12	Web App Attack SSH Hacking
🇫🇷 masterguru	2026-04-12 18:54:59 (1 month ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)	Hacking Web App Attack
🇨🇦 lakered	2026-04-12 17:58:20 (1 month ago)	Honeypot Lakered: Access attempt on config (Pattern: .git). IP automatically banned.	Port Scan
🇺🇸 TPI-Abuse	2026-04-12 17:49:45 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 130.131.237.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 130.131.237.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 13:49:40.346122 2026] [security2:error] [pid 4036833:tid 4036833] [client 130.131.237.129:21247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frontend.keaborner.com"] [uri "/.git/config"] [unique_id "advbNA81eZLz-Ll7TtOytwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 16:50:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 130.131.237.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 130.131.237.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 12:50:04.295407 2026] [security2:error] [pid 672389:tid 672389] [client 130.131.237.129:21409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wallet.joebankx.com"] [uri "/.git/config"] [unique_id "advNPBO2XK1s7LXkT-UhQwAAAA4"], referer: https://www.bing.com/search?q= show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 202.177.242.12

🇦🇷 190.244.39.224

🇫🇷 161.97.72.101

🇵🇱 134.112.56.47

🇩🇪 51.89.91.199

🇵🇰 39.57.51.66

🇭🇰 103.226.124.223

🇪🇸 85.86.243.126

🇱🇹 81.30.98.158

🇱🇹 81.30.98.62

🇱🇹 81.30.98.44

🇳🇱 45.148.10.151

🇺🇸 18.222.151.249

🇺🇸 2602:80d:1007::3b

🇬🇧 185.61.154.206

🇨🇳 180.76.183.253

🇧🇷 177.234.190.89

🇩🇪 151.243.150.23

🇸🇬 114.119.145.42

🇳🇱 45.140.222.131