JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.183.133.240

172.183.133.240 was found in our database!

This IP was reported 59 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.183.133.240

Whois 172.183.133.240

IP Abuse Reports for 172.183.133.240:

This IP address has been reported a total of 59 times from 46 distinct sources. 172.183.133.240 was first reported on February 5th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-06 00:46:47 (2 weeks ago)	WordPress WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-05 14:07:46 (2 weeks ago)	Trying to access config files	Web App Attack
🇪🇸 librebit	2026-06-04 08:40:23 (2 weeks ago)	Brute force	Brute-Force
🇬🇧 andypiper	2026-06-04 01:01:56 (2 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇨🇦 polycoda	2026-06-04 00:12:58 (2 weeks ago)	🔑 Probes for xmlrpc.php everywhere	Hacking Web App Attack
Anonymous	2026-06-04 00:06:04 (2 weeks ago)	Trying to access config files	Web App Attack
🇩🇪 Vegascosmetics	2026-06-03 23:34:05 (2 weeks ago)	Kingcopy(AI-IDS) Report: IP automatically blocked after PHP/webshell probe. Vegas Security System	DDoS Attack Hacking Bad Web Bot
🇩🇪 Holger	2026-06-03 23:22:57 (2 weeks ago)	WordPress WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-03 22:52:34 (2 weeks ago)	Attac	Brute-Force
🇧🇾 lns.bz	2026-06-03 22:44:30 (2 weeks ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 22:36:35 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 172.183.133.240 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 172.183.133.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 18:36:31.381082 2026] [security2:error] [pid 28467:tid 28467] [client 172.183.133.240:3102] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 172.183.133.240 (+1 hits since last alert)\|zezel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "zezel.com"] [uri "/wp/xmlrpc.php"] [unique_id "aiCsb3Ez3sBysfgQI1nvzAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 blinx	2026-06-03 22:27:20 (2 weeks ago)	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
🇨🇦 lakered	2026-06-03 22:25:43 (2 weeks ago)	Detectors: [NGINX] \| Reasons: Nginx Honeypot: Administration interface scan \| Tech Evidence: JA4H: 9 ... show more Detectors: [NGINX] \| Reasons: Nginx Honeypot: Administration interface scan \| Tech Evidence: JA4H: 96d55b010eea63fe63a208d5d7cdff72, Minimal-Browser-Profile, Lazy-Header-Accept, Fake-Chrome-Desktop (No-CH), TLS-JA4-Spoofing-Detected (UA claims Browser but JA4 reports No-HTTP/2: t13d131000), JA4: t13d131000 \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 show less	Port Scan Web App Attack
🇩🇪 Spiderpiggy	2026-06-03 22:16:23 (2 weeks ago)	Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoi ... show more Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoint: /wp/xmlrpc.php show less	Brute-Force Bad Web Bot SSH
🇩🇪 Hazzard	2026-06-03 22:09:09 (2 weeks ago)	(wordpress) Failed wordpress login from 172.183.133.240 (US/United States/Illinois/Chicago/-/[redact ... show more (wordpress) Failed wordpress login from 172.183.133.240 (US/United States/Illinois/Chicago/-/[redacted]): (CF_ENABLE) show less	Brute-Force

Showing 1 to 15 of 59 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.119.230.39

🇧🇷 179.111.150.107

🇺🇸 147.185.132.36

🇺🇸 144.172.96.139

🇵🇭 124.106.53.17

🇫🇷 85.204.70.104

🇰🇷 59.16.192.32

🇬🇧 35.203.210.138

🇧🇷 20.197.238.124

🇬🇧 193.163.125.254

🇪🇸 130.49.78.56

🇺🇸 91.230.168.14

🇺🇸 91.230.168.6

🇩🇪 69.5.169.116

🇮🇳 57.159.30.22

🇭🇰 223.197.248.209

🇺🇸 195.184.76.206

🇵🇱 194.180.49.217

🇧🇷 187.110.238.50

🇸🇪 157.22.45.143