AbuseIPDB » 172.183.133.248
172.183.133.248
This IP was reported 10 times. Confidence of
Abuse
is 48% : ?
ISP
Microsoft Limited
Usage Type
Data Center/Web Hosting/Transit
ASN
AS8075
Domain Name
microsoft.com
Country
πΊπΈ
United States of America
City
Chicago, Illinois
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 172.183.133.248 :
This IP address has been reported a total of
10
times from
10 distinct
sources.
172.183.133.248 was first reported on
April 29th 2026 , and the most recent report was
1 week ago
Old Reports:
The most recent abuse report for this IP address is from
1 week ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
π§π·
TM
2026-06-11 14:10:00
(1 week ago)
get /.git/config
Web App Attack
πΊπΈ
kosada.com
2026-06-10 19:14:28
(1 week ago)
Web vulnerability probing: /.env.save (bogus vhost/SNI)
Web App Attack
2026-06-10 18:55:57
(1 week ago)
T: f2b 404 5x
Web App Attack
π°π·
MW
2026-06-10 17:40:50
(1 week ago)
172.183.133.248 - - [11/Jun/2026:02:40:46 +0900] "GET /.git/HEAD HTTP/1.1" 404 4216 "-" "Mozilla/5.0 ...
show more
172.183.133.248 - - [11/Jun/2026:02:40:46 +0900] "GET /.git/HEAD HTTP/1.1" 404 4216 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0"
172.183.133.248 - - [11/Jun/2026:02:40:47 +0900] "GET /.git/config HTTP/1.1" 404 4216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0"
172.183.133.248 - - [11/Jun/2026:02:40:49 +0900] "GET /.env HTTP/1.1" 404 4216 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
show less
Bad Web Bot
Web App Attack
π©πͺ
zupan
2026-06-10 17:32:15
(1 week ago)
Blocked by UFW on vps [8080/tcp] | SPT: 58306 | TTL: 40 | LEN: 60 | TOS: 0x00 β’ Reported by: github. ...
show more
Blocked by UFW on vps [8080/tcp] | SPT: 58306 | TTL: 40 | LEN: 60 | TOS: 0x00 β’ Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
πΊπΈ
MPL
2026-06-10 17:28:57
(1 week ago)
tcp port scan (8 or more attempts)
Port Scan
π§πΎ
lns.bz
2026-06-10 17:25:18
(1 week ago)
Too many 404 requests [BY]
Web App Attack
πΊπΈ
itsnixk
2026-06-10 16:13:29
(1 week ago)
(mod_security) mod_security (id:920350) triggered by 172.183.133.248 (US/United States/-): 1 in the ...
show more
(mod_security) mod_security (id:920350) triggered by 172.183.133.248 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 10 12:13:27.281422 2026] [security2:error] [pid 155213:tid 155316] [client 172.183.133.248:58271] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+|\\\\[[\\\\da-f:]+\\\\]|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/.git/config"] [unique_id "aimNJy5CI_l3yoESktuabwAAACQ"]
show less
Port Scan
π―π΅
demonsword
2026-05-10 09:44:41
(1 month ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.gstatic.com:443
show less
Open Proxy
Port Scan
2026-04-29 05:08:55
(1 month ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
Showing 1 to
10
of 10 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: