JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.33.65.199

130.33.65.199 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.33.65.199

Whois 130.33.65.199

IP Abuse Reports for 130.33.65.199:

This IP address has been reported a total of 177 times from 139 distinct sources. 130.33.65.199 was first reported on September 29th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 kommunos	2025-12-29 01:48:38 (5 months ago)	/packed.php	Web App Attack
🇬🇧 myintarweb	2025-10-11 03:13:34 (8 months ago)	130.33.65.199 - mail.madmick.co.uk [29/Sep/2025:23:49:01 +0100] 80 "GET /wp-content/plugins/hellopre ... show more 130.33.65.199 - mail.madmick.co.uk [29/Sep/2025:23:49:01 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 1603 "-" "-" ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 MKWServer	2025-10-09 07:15:33 (8 months ago)	Reported from Imunify360 blocklist	Brute-Force SSH
🇺🇸 MKWServer	2025-10-08 06:55:11 (8 months ago)	Reported from Imunify360 blocklist	Brute-Force SSH
🇭🇺 NyaljBe	2025-10-02 01:57:00 (8 months ago)	130.33.65.199 - - [30/Sep/2025:00:49:56 +0200] "GET /fox.php HTTP/1.1" 404 153 "-" "-" 130.33.65.19 ... show more 130.33.65.199 - - [30/Sep/2025:00:49:56 +0200] "GET /fox.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:56 +0200] "GET /sxo.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:55 +0200] "GET /atombil.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:55 +0200] "GET /up.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:55 +0200] "GET /mah.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:55 +0200] "GET /wp-22.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:54 +0200] "GET /lc.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:54 +0200] "GET /mini.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:54 +0200] "GET /elp.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:54 +0200] "GET /chosen.php?p= HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - - [30/Sep/2025:00:49:53 +0200] "GET /byp.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇹🇷 rtbh.com.tr	2025-10-01 20:09:07 (8 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇭🇺 DumaNet	2025-10-01 00:32:00 (8 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2025 Sep 30. 01:12:55 Source IP: 130.33 ... show more Web app attack attempts, scanning for vulnerability. Date: 2025 Sep 30. 01:12:55 Source IP: 130.33.65.199 Portion of the log(s): 130.33.65.199 - [30/Sep/2025:01:12:53 +0200] "GET /xmrlpc.php?p= HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:52 +0200] "GET /warm.PhP7 HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:52 +0200] "GET /themes.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:52 +0200] "GET /tinny.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:52 +0200] "GET /mar.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:51 +0200] "GET /rss.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:51 +0200] "GET /xx.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:51 +0200] "GET /wp.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:51 +0200] "GET /ty.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:01:12:50 +0200] "GET /inputs.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇭🇺 DumaNet	2025-10-01 00:18:00 (8 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2025 Sep 30. 00:42:50 Source IP: 130.33 ... show more Web app attack attempts, scanning for vulnerability. Date: 2025 Sep 30. 00:42:50 Source IP: 130.33.65.199 Portion of the log(s): 130.33.65.199 - [30/Sep/2025:00:42:49 +0200] "GET /autoload_classmap.php?p= HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:49 +0200] "GET /wp-activate.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:49 +0200] "GET /classwithtostring.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:49 +0200] "GET /karak.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:48 +0200] "GET /atomlib.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:48 +0200] "GET /simple.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:48 +0200] "GET /moon.php?p= HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:48 +0200] "GET /makeasmtp.php?p= HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:47 +0200] "GET /num.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:42:47 +0200] "GET show less	Web App Attack
🇹🇷 rtbh.com.tr	2025-10-01 00:09:06 (8 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇭🇺 DumaNet	2025-09-30 23:54:00 (8 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2025 Sep 30. 00:51:15 Source IP: 130.33 ... show more Web app attack attempts, scanning for vulnerability. Date: 2025 Sep 30. 00:51:15 Source IP: 130.33.65.199 Portion of the log(s): 130.33.65.199 - [30/Sep/2025:00:49:46 +0200] "GET /bs1.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:46 +0200] "GET /mpvloi.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:45 +0200] "GET /cong.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:45 +0200] "GET /lv.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:45 +0200] "GET /buy.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:45 +0200] "GET /cache.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:45 +0200] "GET /file.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:44 +0200] "GET /ar.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:44 +0200] "GET /class.php HTTP/1.1" 404 153 "-" "-" 130.33.65.199 - [30/Sep/2025:00:49:44 +0200] "GET /lock360.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇳🇱 homeshowdomain.nl	2025-09-30 21:59:05 (8 months ago)	Auto-ban: >500 bad req/min on 2025-09-29	Hacking Web App Attack SSH
🇩🇪 Vegascosmetics	2025-09-30 21:50:41 (8 months ago)	Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.	Bad Web Bot
🇹🇷 rtbh.com.tr	2025-09-30 20:09:06 (8 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇧🇪 Ivo Vynckier	2025-09-30 16:37:00 (8 months ago)	130.33.65.199 - - [29/Sep/2025:20:45:37 +0200] "GET /abcd.php HTTP/1.1" 301 253 "-" "-" 130.33.65.1 ... show more 130.33.65.199 - - [29/Sep/2025:20:45:37 +0200] "GET /abcd.php HTTP/1.1" 301 253 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:38 +0200] "GET /nc4.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:38 +0200] "GET /we.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:39 +0200] "GET /lock360.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:40 +0200] "GET /class.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:40 +0200] "GET /ar.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:41 +0200] "GET /file.php? HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:41 +0200] "GET /cache.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:42 +0200] "GET /buy.php HTTP/1.1" 404 27 "-" "-" 130.33.65.199 - - [29/Sep/2025:20:45:42 +0200] "GET /lv.php HTTP/1.1" 404 27 "-" "-" show less	Web App Attack
🇺🇸 drodrig	2025-09-30 07:28:45 (8 months ago)	CrowdSec triggered: %!s(*string=0xc002e24710) (0 events)	Brute-Force

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 94.164.172.144

🇺🇸 20.65.195.62

🇷🇺 5.183.29.15

🇷🇴 2.57.121.25

🇬🇧 194.50.235.141

🇺🇸 65.49.1.130

🇹🇭 49.49.251.216

🇩🇪 193.36.84.88

🇺🇸 161.35.124.147

🇮🇳 122.187.240.209

🇫🇷 92.119.124.123

🇰🇷 222.118.170.176

🇺🇸 165.22.0.53

🇷🇴 80.94.92.184

🇸🇬 47.79.200.121

🇷🇺 46.147.195.11

🇮🇪 2a05:d018:bb5:3301:de14:476d:e324:264a

🇮🇳 2407:cb00:c5a8:6c51:d00d:41ef:9888:21f

🇺🇸 212.102.46.40

🇬🇧 195.96.139.16