JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.172.131.149

172.172.131.149 was found in our database!

This IP was reported 3,272 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.172.131.149

Whois 172.172.131.149

IP Abuse Reports for 172.172.131.149:

This IP address has been reported a total of 3,272 times from 851 distinct sources. 172.172.131.149 was first reported on February 13th 2026, and the most recent report was 32 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 kkeyser	2026-06-01 06:20:00 (3 days ago)	Failed password for invalid user daniel from 172.172.131.149 port 42656 ssh2	Brute-Force SSH
Anonymous	2026-06-01 06:14:42 (3 days ago)	...	Brute-Force SSH
🇺🇸 bigscoots.com	2026-06-01 05:12:27 (3 days ago)	172.172.131.149 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 ... show more 172.172.131.149 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 1 00:11:04 17546 sshd[24066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.123.84.201 user=root Jun 1 00:11:06 17546 sshd[24066]: Failed password for root from 93.123.84.201 port 37976 ssh2 Jun 1 00:12:10 17546 sshd[24439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 user=root Jun 1 00:05:07 17546 sshd[21834]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.123.84.201 user=root Jun 1 00:05:08 17546 sshd[21834]: Failed password for root from 93.123.84.201 port 35204 ssh2 IP Addresses Blocked: 93.123.84.201 (DE/Germany/-) show less	Brute-Force SSH
🇫🇷 SouperCat	2026-06-01 05:10:12 (3 days ago)	2026-06-01T06:10:10.165366+01:00 prod-02 sshd[1138988]: pam_unix(sshd:auth): authentication failure; ... show more 2026-06-01T06:10:10.165366+01:00 prod-02 sshd[1138988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 2026-06-01T06:10:12.179874+01:00 prod-02 sshd[1138988]: Failed password for invalid user mailtest from 172.172.131.149 port 35150 ssh2 ... show less	Brute-Force SSH
🇳🇱 VMHeaven.io	2026-06-01 04:19:37 (3 days ago)	Jun 1 04:15:33 proxy-epyc sshd[2034756]: pam_unix(sshd:auth): authentication failure; logname= uid= ... show more Jun 1 04:15:33 proxy-epyc sshd[2034756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 Jun 1 04:15:35 proxy-epyc sshd[2034756]: Failed password for invalid user administrator from 172.172.131.149 port 60194 ssh2 Jun 1 04:19:34 proxy-epyc sshd[2035292]: Invalid user ftpuser from 172.172.131.149 port 32788 Jun 1 04:19:34 proxy-epyc sshd[2035292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 Jun 1 04:19:36 proxy-epyc sshd[2035292]: Failed password for invalid user ftpuser from 172.172.131.149 port 32788 ssh2 ... show less	Brute-Force SSH
🇵🇱 Wepted	2026-06-01 04:13:00 (3 days ago)	2026-06-01T06:01:00.804150+02:00 axisverse sshd-session[797951]: Invalid user netbox from 172.172.13 ... show more 2026-06-01T06:01:00.804150+02:00 axisverse sshd-session[797951]: Invalid user netbox from 172.172.131.149 port 54506 2026-06-01T06:08:59.083424+02:00 axisverse sshd-session[819046]: Invalid user datacenter from 172.172.131.149 port 47734 2026-06-01T06:12:59.532619+02:00 axisverse sshd-session[829495]: Invalid user administrator from 172.172.131.149 port 58808 ... show less	Brute-Force SSH
🇺🇸 amit177	2026-06-01 04:05:47 (3 days ago)		Brute-Force SSH
🇩🇪 LoNET	2026-06-01 04:00:55 (3 days ago)	Report 2420366 with IP 3158854 for SSH brute-force attack by source 3259048 via ssh-honeypot/0.2.1+h ... show more Report 2420366 with IP 3158854 for SSH brute-force attack by source 3259048 via ssh-honeypot/0.2.1+http show less	Brute-Force SSH
Anonymous	2026-06-01 03:47:45 (3 days ago)	2026-06-01T00:47:43.277990-03:00 vmi1230637 sshd[232128]: Invalid user liu from 172.172.131.149 port ... show more 2026-06-01T00:47:43.277990-03:00 vmi1230637 sshd[232128]: Invalid user liu from 172.172.131.149 port 37294 ... show less	Brute-Force SSH
🇪🇸 DXC-0	2026-06-01 03:00:32 (3 days ago)	Multiple attacks on Honeypot servers	Web Spam Brute-Force Web App Attack Hacking
🇵🇱 skillhost.pl	2026-06-01 02:44:48 (3 days ago)	Automated SSH brute-force attack detected. The IP repeatedly attempted to authenticate to port 22 us ... show more Automated SSH brute-force attack detected. The IP repeatedly attempted to authenticate to port 22 using multiple usernames and password guesses within a short timeframe. show less	Brute-Force SSH
🇺🇸 yzfdude1	2026-06-01 01:34:49 (3 days ago)	May 31 19:30:22 hemera sshd[331674]: Failed password for root from 172.172.131.149 port 49328 ssh2 M ... show more May 31 19:30:22 hemera sshd[331674]: Failed password for root from 172.172.131.149 port 49328 ssh2 May 31 19:34:46 hemera sshd[331738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 user=root May 31 19:34:49 hemera sshd[331738]: Failed password for root from 172.172.131.149 port 55102 ssh2 ... show less	Brute-Force SSH
🇬🇧 andypiper	2026-06-01 01:02:04 (3 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇰🇷 Woodie	2026-06-01 00:28:28 (3 days ago)	2026-05-31T20:24:05.532572-04:00 debian sshd[2337677]: pam_unix(sshd:auth): authentication failure; ... show more 2026-05-31T20:24:05.532572-04:00 debian sshd[2337677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 2026-05-31T20:24:08.090218-04:00 debian sshd[2337677]: Failed password for invalid user live from 172.172.131.149 port 49194 ssh2 2026-05-31T20:28:25.906546-04:00 debian sshd[2340799]: Invalid user test3 from 172.172.131.149 port 35806 2026-05-31T20:28:25.910986-04:00 debian sshd[2340799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.172.131.149 2026-05-31T20:28:27.497358-04:00 debian sshd[2340799]: Failed password for invalid user test3 from 172.172.131.149 port 35806 ssh2 ... show less	Brute-Force SSH
Anonymous	2026-06-01 00:12:35 (3 days ago)	B: f2b ssh aggressive 3x	Brute-Force SSH

Showing 136 to 150 of 3272 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.198.240.116

🇸🇬 103.134.154.36

🇺🇸 212.102.40.218

🇰🇷 210.204.63.182

🇩🇿 197.200.154.252

🇬🇧 193.32.209.240

🇪🇸 185.9.193.111

🇺🇸 162.216.149.250

🇮🇩 157.15.73.34

🇫🇮 138.124.80.167

🇵🇱 87.251.64.145

🇭🇰 65.181.88.245

🇳🇱 45.148.10.141

🇸🇬 18.136.107.149

🇸🇬 4.194.4.255

🇫🇷 2001:41d0:33d:9200::400

🇻🇳 222.252.75.86

🇺🇸 172.174.72.225

🇳🇬 165.154.176.251

🇩🇪 159.195.151.66