JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 132.196.82.5

132.196.82.5 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 69%: ?

69%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 132.196.82.5

Whois 132.196.82.5

IP Abuse Reports for 132.196.82.5:

This IP address has been reported a total of 28 times from 22 distinct sources. 132.196.82.5 was first reported on July 15th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-03 16:13:05 (1 day ago)	GET /.git/HEAD (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇺🇸 ISPLtd	2026-06-02 04:20:21 (2 days ago)	Jun 1 22:20:21 132.196.82.5 TCP SPT=61206 DPT=2087 SYN Jun 1 22:20:21 132.196.82.5 TCP SPT=61698 D ... show more Jun 1 22:20:21 132.196.82.5 TCP SPT=61206 DPT=2087 SYN Jun 1 22:20:21 132.196.82.5 TCP SPT=61698 DPT=8080 SYN Jun 1 22:20:21 132.196.82.5 TCP SPT=61223 DPT=2082 ... show less	Port Scan
🇳🇱 Savvii	2026-06-02 04:18:16 (2 days ago)	15 attempts against mh-modsecurity-ban on shelf	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 04:06:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 132.196.82.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 132.196.82.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 00:06:13.715216 2026] [security2:error] [pid 12098:tid 12119] [client 132.196.82.5:61754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.85"] [uri "/.git/HEAD"] [unique_id "ah5WtQO0w2wPMBt0tpkCswAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 03:27:34 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 132.196.82.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 132.196.82.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 23:27:30.268153 2026] [security2:error] [pid 8393:tid 8393] [client 132.196.82.5:61199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.19"] [uri "/.git/HEAD"] [unique_id "ah5Nov3G-hOoYPR9W92MMQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 02:06:07 (2 days ago)	Trying to access config files	Web App Attack
🇳🇱 EGP Abuse Dept	2026-06-02 01:44:28 (2 days ago)	Unauthorized connection to proxy port 8080	Port Scan Hacking
Anonymous	2026-06-02 01:10:02 (2 days ago)	suspicious request in access.log	Web App Attack
🇫🇷 Lunix	2026-06-02 00:48:37 (2 days ago)		Brute-Force Web App Attack
🇫🇷 sthoyer.de	2026-06-02 00:39:24 (2 days ago)	Jun 2 02:39:23 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd: ... show more Jun 2 02:39:23 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=132.196.82.5 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=46690 DF PROTO=TCP SPT=61200 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 02:39:23 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=132.196.82.5 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=36872 DF PROTO=TCP SPT=61237 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 02:39:23 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=132.196.82.5 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=12299 DF PROTO=TCP SPT=61185 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 02:39:23 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=132.196.82.5 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=35087 DF PROTO=TCP SPT=61189 DPT=2086 WINDOW=642 ... show less	Port Scan
🇷🇸 Scan	2026-06-02 00:08:26 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 getdk	2026-06-01 23:52:58 (2 days ago)	[Mon Jun 01 23:52:51.667267 2026] [security2:error] [pid 1198701] [client 132.196.82.5:61828] [clien ... show more [Mon Jun 01 23:52:51.667267 2026] [security2:error] [pid 1198701] [client 132.196.82.5:61828] [client 132.196.82.5] ModSecurity: Access denied with code 403 (phas ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 pduggusa	2026-03-31 00:05:48 (2 months ago)	Detected attacking dugganusa.com at 2026-03-31T00:05:48.250Z \| Attack: Web Service \| Source: DugganU ... show more Detected attacking dugganusa.com at 2026-03-31T00:05:48.250Z \| Attack: Web Service \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 Rayulcifer	2026-03-18 21:18:32 (2 months ago)	132.196.82.5 - - [18/Mar/2026:16:18:31 -0500] "CONNECT www.santosfc.com.br:443 HTTP/1.1" 502 488 "-" ... show more 132.196.82.5 - - [18/Mar/2026:16:18:31 -0500] "CONNECT www.santosfc.com.br:443 HTTP/1.1" 502 488 "-" "-" 132.196.82.5 - - [18/Mar/2026:16:18:31 -0500] "\x16\x03\x01\x02" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇳🇱 gokhansah1n	2026-03-01 04:34:53 (3 months ago)	2026-03-01T07:34:34.273492openvpn sshd[934674]: Failed password for root from 132.196.82.5 port 1538 ... show more 2026-03-01T07:34:34.273492openvpn sshd[934674]: Failed password for root from 132.196.82.5 port 15388 ssh2 2026-03-01T07:34:39.620557openvpn sshd[934683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.196.82.5 user=root 2026-03-01T07:34:40.955337openvpn sshd[934683]: Failed password for root from 132.196.82.5 port 15363 ssh2 2026-03-01T07:34:49.415650openvpn sshd[934687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.196.82.5 user=root 2026-03-01T07:34:51.457866openvpn sshd[934687]: Failed password for root from 132.196.82.5 port 15361 ssh2 2026-03-01T07:34:51.125700openvpn sshd[934688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.196.82.5 user=root 2026-03-01T07:34:53.107810openvpn sshd[934688]: Failed password for root from 132.196.82.5 port 15364 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 117.242.241.75

🇬🇧 193.163.125.76

🇬🇧 185.247.137.29

🇧🇷 177.182.154.210

🇺🇸 147.185.132.51

🇸🇬 146.190.83.66

🇧🇩 114.130.85.36

🇧🇷 108.179.193.10

🇩🇪 88.214.25.123

🇺🇸 45.55.185.224

🇩🇪 165.22.30.139

🇺🇸 103.234.62.68

🇩🇪 80.91.79.223

🇵🇭 61.28.144.154

🇲🇾 47.250.120.139

🇳🇱 45.156.87.34

🇺🇸 3.144.241.35

🇺🇸 185.92.182.129

🇩🇪 172.70.248.57

🇺🇸 137.184.190.246