JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.182.192.144

172.182.192.144 was found in our database!

This IP was reported 204 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.182.192.144

Whois 172.182.192.144

IP Abuse Reports for 172.182.192.144:

This IP address has been reported a total of 204 times from 145 distinct sources. 172.182.192.144 was first reported on October 2nd 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-16 05:10:25 (3 days ago)	tcp port scan (20 or more attempts)	Port Scan
🇷🇸 Scan	2026-06-16 00:01:06 (4 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 Holger	2026-06-11 09:27:16 (1 week ago)	WordPress WebAttack	Brute-Force Web App Attack
🇸🇪 Per-Erik Runebert	2026-06-06 08:39:35 (1 week ago)	Malicious vulnerability hacking attacks	Hacking Web App Attack
🇨🇿 sweet_acid	2026-06-05 23:34:39 (2 weeks ago)	Local web evidence: family=exploit_probe; path=/wp/xmlrpc.php; enforce_count=10; active_ban_hits=0	Web App Attack Hacking
🇪🇸 Gem	2026-06-05 22:10:00 (2 weeks ago)	Unauthorized web scan.	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-05 05:13:43 (2 weeks ago)	9 attacks on PHP URLs: POST /wp/xmlrpc.php HTTP/1.1	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 02:41:58 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 172.182.192.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 172.182.192.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 22:41:54.605952 2026] [security2:error] [pid 2291:tid 2291] [client 172.182.192.144:9431] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 172.182.192.144 (+1 hits since last alert)\|greensborolimobus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greensborolimobus.com"] [uri "/wp/xmlrpc.php"] [unique_id "aiI3ctMY886nUaQMifVZtQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 02:20:10 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 172.182.192.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 172.182.192.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 22:20:04.882344 2026] [security2:error] [pid 7770:tid 7770] [client 172.182.192.144:9665] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 172.182.192.144 (+1 hits since last alert)\|jkperis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jkperis.com"] [uri "/wp/xmlrpc.php"] [unique_id "aiIyVBMJvMBIgJcB8_2iawAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RH5	2026-06-05 02:07:01 (2 weeks ago)	Restricted URL probing (/xmlrpc.php) (UTC 2026-06-05 02:07)	Web App Attack
Anonymous	2026-06-05 01:37:18 (2 weeks ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 01:31:42 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 172.182.192.144 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 172.182.192.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 21:31:38.665344 2026] [security2:error] [pid 31342:tid 31431] [client 172.182.192.144:9815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 172.182.192.144 (+1 hits since last alert)\|jonneher.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jonneher.com"] [uri "/wp/xmlrpc.php"] [unique_id "aiIm-uM2v2BRacAHjdYzNQAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-05 01:25:49 (2 weeks ago)	[FriJun0503:25:45.4819562026][security2:error][pid2720592:tid2720911][client172.182.192.144:0]ModSec ... show more [FriJun0503:25:45.4819562026][security2:error][pid2720592:tid2720911][client172.182.192.144:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"annunci-ticino.ch\"][uri\"/wp/xmlrpc.php\"][unique_id\"aiIlmWgHEL-WGsPKritghAAAAIc\"] show less	Hacking Web App Attack
🇩🇪 pltcldvlpr	2026-06-05 01:22:24 (2 weeks ago)	CMS/framework probe: 172.182.192.144 - - [05/Jun/2026:03:22:24 +0200] "POST /wp/xmlrpc.php HTTP/1.1" ... show more CMS/framework probe: 172.182.192.144 - - [05/Jun/2026:03:22:24 +0200] "POST /wp/xmlrpc.php HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" asn=8075 org="Microsoft Corporation" country=US ... show less	Web App Attack
🇬🇧 venus.launch.bz	2026-06-05 01:18:31 (2 weeks ago)	(wpscan) WordPress probe detected from 172.182.192.144 (US/United States/-)	Hacking

Showing 1 to 15 of 204 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.88

🇮🇳 92.4.76.12

🇳🇱 45.148.10.151

🇳🇿 202.36.248.10

🇺🇸 173.31.227.112

🇺🇸 162.216.150.150

🇯🇵 160.251.206.106

🇩🇪 155.117.127.214

🇫🇮 147.185.133.216

🇺🇸 136.107.210.137

🇨🇳 118.145.225.50

🇩🇪 91.107.190.89

🇳🇱 45.148.10.152

🇷🇺 45.92.177.186

🇸🇬 43.160.253.60

🇳🇱 2a06:a880:5:5e47::1

🇩🇪 213.209.159.56

🇧🇪 198.235.24.249

🇻🇳 180.93.137.9

🇦🇺 158.178.141.16