JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.183.131.193

172.183.131.193 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 93%: ?

93%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.183.131.193

Whois 172.183.131.193

IP Abuse Reports for 172.183.131.193:

This IP address has been reported a total of 136 times from 76 distinct sources. 172.183.131.193 was first reported on December 30th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mw	2026-06-21 01:14:58 (11 hours ago)	Web App Attack	Web App Attack
🇺🇸 mw	2026-06-20 01:14:54 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 mw	2026-06-19 00:44:59 (2 days ago)	Web App Attack	Web App Attack
🇬🇧 andypiper	2026-06-18 01:00:39 (3 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 mw	2026-06-18 00:44:47 (3 days ago)	Web App Attack	Web App Attack
🇺🇸 mw	2026-06-17 00:44:45 (4 days ago)	Web App Attack	Web App Attack
🇺🇸 mw	2026-06-16 00:16:46 (5 days ago)	Web App Attack	Web App Attack
🇬🇧 andypiper	2026-06-15 01:00:27 (6 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 MPL	2026-06-14 21:01:08 (6 days ago)	tcp port scan (9 or more attempts)	Port Scan
🇺🇸 Axel	2026-06-14 20:52:31 (6 days ago)	Blocked by UFW on MVI [2096/tcp] \| SPT: 6497 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [2096/tcp] \| SPT: 6497 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-14 20:28:37 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 172.183.131.193 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.183.131.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:28:34.549557 2026] [security2:error] [pid 12714:tid 12714] [client 172.183.131.193:5481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.121"] [uri "/.env"] [unique_id "ai8O8tJtDEM0uWZgaq-RjAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 KiekerJan	2026-06-14 19:48:14 (6 days ago)	172.183.131.193 - - [14/Jun/2026:21:47:58 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5. ... show more 172.183.131.193 - - [14/Jun/2026:21:47:58 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 172.183.131.193 - - [14/Jun/2026:21:48:13 +0200] "GET /dump.sql HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 19:34:42 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 172.183.131.193 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.183.131.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:34:36.137970 2026] [security2:error] [pid 10338:tid 10338] [client 172.183.131.193:6144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.108"] [uri "/.env.save"] [unique_id "ai8CTL_Ev0xmxL-Vq9M2SQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 18:35:22 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 172.183.131.193 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.183.131.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:35:15.627243 2026] [security2:error] [pid 17658:tid 17658] [client 172.183.131.193:5328] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.151"] [uri "/.git/HEAD"] [unique_id "ai70Y0pFtSzqFaLZAGGx-QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 Threat.live	2026-06-14 17:40:03 (6 days ago)	Suspicious Connection Attempts	Brute-Force

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇮 176.65.134.8

🇺🇸 66.132.186.253

🇦🇪 145.241.123.102

🇺🇸 130.131.55.227

🇩🇪 69.5.169.243

🇺🇸 20.118.248.174

🇧🇷 200.189.23.102

🇷🇴 193.32.162.16

🇷🇺 128.71.65.34

🇫🇷 85.217.140.46

🇺🇸 43.135.135.17

🇺🇸 34.121.63.49

🇨🇳 14.103.107.234

🇫🇷 5.135.250.1

🇷🇴 2.57.121.25

🇫🇷 2001:41d0:303:a1d0::1

🇱🇰 220.247.224.226

🇺🇸 209.225.102.212

🇭🇰 165.154.41.50

🇮🇳 116.73.240.74