JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 145.132.103.177

145.132.103.177 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 145.132.103.177

Whois 145.132.103.177

IP Abuse Reports for 145.132.103.177:

This IP address has been reported a total of 55 times from 41 distinct sources. 145.132.103.177 was first reported on July 29th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-15 07:21:25 (1 week ago)	Blocked by UFW on MVI [80/tcp] \| SPT: 63371 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github.co ... show more Blocked by UFW on MVI [80/tcp] \| SPT: 63371 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 gu-alvareza	2026-06-10 07:05:32 (2 weeks ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇦🇹 urnilxfgbez	2026-06-09 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-09 21:27:16 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 145.132.103.177 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 145.132.103.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 17:27:08.089491 2026] [security2:error] [pid 14050:tid 14050] [client 145.132.103.177:4122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.156"] [uri "/.git/HEAD"] [unique_id "aiiFLDIGTgmUGe-KS6jwpQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-09 21:13:47 (2 weeks ago)	tcp port scan (24 or more attempts)	Port Scan
🇺🇸 Mark--	2026-06-09 20:20:24 (2 weeks ago)	Unauthorized connection attempt detected port 8080	Hacking
🇩🇪 ghostwarriors	2026-06-09 20:20:12 (2 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 sumnone	2026-06-09 20:11:04 (2 weeks ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-09 19:34:09 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 145.132.103.177 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 145.132.103.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:34:02.514849 2026] [security2:error] [pid 2918:tid 2918] [client 145.132.103.177:4674] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.217"] [uri "/.git/HEAD"] [unique_id "aihqqqHq37AdgLbjekjoJwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 onlyops.app	2026-06-09 19:00:04 (2 weeks ago)	Web application firewall (ModSecurity) detected malicious traffic \| detected by Fail2Ban (plesk-mods ... show more Web application firewall (ModSecurity) detected malicious traffic \| detected by Fail2Ban (plesk-modsecurity jail) \| onlyops.app show less	Exploited Host
🇺🇸 MPL	2026-06-09 18:47:16 (2 weeks ago)	tcp port scan (8 or more attempts)	Port Scan
🇰🇷 enp0s1	2026-06-09 18:11:58 (2 weeks ago)	Auto-reported by Fail2Ban (UFW Block, Port Scan)	Port Scan
🇭🇰 mutebot.net	2026-06-09 18:05:47 (2 weeks ago)	SRC=145.132.103.177, PROTO=TCP, SPT=5186, DPT=8080	Port Scan
🇩🇪 formality	2026-06-09 17:49:06 (2 weeks ago)	Invalid user r00t from 145.132.103.177 port 45189	Brute-Force SSH
🇩🇪 YumXac	2026-06-09 17:45:39 (2 weeks ago)	2026-06-09T19:45:31.796245+02:00 pve-osd-201 sshd[2957778]: pam_sss(sshd:auth): authentication failu ... show more 2026-06-09T19:45:31.796245+02:00 pve-osd-201 sshd[2957778]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.132.103.177 user=r00t 2026-06-09T19:45:33.982902+02:00 pve-osd-201 sshd[2957778]: Failed password for invalid user r00t from 145.132.103.177 port 45068 ssh2 2026-06-09T19:45:36.727073+02:00 pve-osd-201 sshd[2957780]: Invalid user r00t from 145.132.103.177 port 45065 2026-06-09T19:45:36.826448+02:00 pve-osd-201 sshd[2957780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.132.103.177 2026-06-09T19:45:36.826697+02:00 pve-osd-201 sshd[2957780]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.132.103.177 user=r00t 2026-06-09T19:45:38.700296+02:00 pve-osd-201 sshd[2957780]: Failed password for invalid user r00t from 145.132.103.177 port 45065 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.85.167.199

🇳🇱 185.145.13.119

🇺🇸 162.216.149.50

🇫🇮 147.185.133.69

🇨🇳 121.224.107.247

🇨🇳 106.75.147.209

🇺🇸 100.29.192.97

🇫🇷 91.231.89.241

🇳🇱 81.19.216.114

🇷🇴 80.94.92.55

🇺🇸 64.62.197.68

🇲🇾 49.124.147.120

🇧🇷 20.226.3.20

🇩🇪 217.181.88.165

🇹🇼 198.235.24.66

🇺🇸 162.216.150.100

🇩🇪 151.243.11.248

🇺🇸 147.185.132.33

🇺🇸 147.185.132.22

🇺🇸 136.118.171.211