JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.182.212.3

172.182.212.3 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 71%: ?

71%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.182.212.3

Whois 172.182.212.3

IP Abuse Reports for 172.182.212.3:

This IP address has been reported a total of 29 times from 24 distinct sources. 172.182.212.3 was first reported on September 14th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Selckie	2026-06-06 13:25:50 (2 hours ago)	fail2ban: NGINX unusual impact	Web App Attack
🇺🇸 SuperCores Hosting	2026-06-06 09:02:19 (6 hours ago)	[2026-06-06 09:02:19.047440] TELNET/8080 Unautorized connection, Suspicious Mirai Botnet.	IoT Targeted Brute-Force Hacking Port Scan DDoS Attack
Anonymous	2026-06-06 06:24:42 (9 hours ago)	[Sat Jun 06 08:24:40.415663 2026] [:error] [pid 2479866:tid 2479866] [client 172.182.212.3:1740] Mod ... show more [Sat Jun 06 08:24:40.415663 2026] [:error] [pid 2479866:tid 2479866] [client 172.182.212.3:1740] ModSecurity: Warning. Matched "Operator `PmFromFile' with parameter `restricted-files.data' against variable `REQUEST_FILENAME' (Value: `/.git/HEAD' ) [file "/usr/local/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "131"] [id "930130"] [rev ""] [msg "Restricted File Access Attempt"] [data "Matched Data: .git/ found within REQUEST_FILENAME: /.git/HEAD"] [severity "2"] [ver "OWASP_CRS/4.28.0-dev"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [uri "/.git/HEAD"] [unique_id "178072708052.555671"] [ref "o1,5v4,10t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin"] [Sat Jun 06 08:24:41.444005 2026] [:error] [pid 2479867:tid 2479867] [client 172.182.212.3:1797] ModSecurit ... show less	Web App Attack
🇦🇹 vikal	2026-06-06 06:07:03 (9 hours ago)	172.182.212.3 - - [06/Jun/2026:08:07:03 +0200] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (M ... show more 172.182.212.3 - - [06/Jun/2026:08:07:03 +0200] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Brute-Force SSH
🇺🇸 MPL	2026-06-03 06:43:49 (3 days ago)	tcp port scan (16 or more attempts)	Port Scan
🇧🇾 lns.bz	2026-06-03 06:21:25 (3 days ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 05:08:49 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:08:44.448348 2026] [security2:error] [pid 13711:tid 13711] [client 172.182.212.3:6417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.214"] [uri "/.git/HEAD"] [unique_id "ah-23LXichBucmwN2Y8HlgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 04:45:53 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:45:45.393831 2026] [security2:error] [pid 3770:tid 3770] [client 172.182.212.3:6473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.114"] [uri "/.env.backup"] [unique_id "ah-xea8fKOctGDUZ5jb4egAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 04:13:21 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:13:14.331292 2026] [security2:error] [pid 20084:tid 20084] [client 172.182.212.3:6765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.67"] [uri "/.git/HEAD"] [unique_id "ah-p2iSXx2lWV-Zrlgj5jAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-03 03:10:28 (3 days ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 172.182.212.3 (US/United States/-): 2 in ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 172.182.212.3 (US/United States/-): 2 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026/06/03 05:10:20 [error] 4003225#4003225: 837562 access forbidden by rule, client: 172.182.212.3, server: fisacabruzzo.com, request: "GET /wp-config.php.bak HTTP/1.1", host: "51.89.2.98" 172.182.212.3 - - [03/Jun/2026:05:10:21 +0200] "GET /.aws/credentials HTTP/1.1" 404 10387 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-" host=51.89.2.98 show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 02:47:52 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.182.212.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:47:44.849700 2026] [security2:error] [pid 24582:tid 24582] [client 172.182.212.3:6352] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.203"] [uri "/.git/config"] [unique_id "ah-V0DgpANIEmkqT3FnfXgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 02:47:46 (3 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 big-cloud.nl	2026-05-25 02:14:31 (1 week ago)	Try to access /config/.env	Web App Attack
🇫🇷 dynamix	2026-05-25 00:41:22 (1 week ago)	Multiple WAF Violations	Web App Attack
🇷🇺 Reaper	2026-05-25 00:39:07 (1 week ago)	Repeated 404 errors from 172.182.212.3	Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.241.173.229

🇧🇷 177.11.196.79

🇮🇳 167.71.239.213

🇨🇳 153.35.209.91

🇨🇳 121.61.156.232

🇨🇳 116.178.129.33

🇺🇿 84.54.70.78

🇳🇱 2a00:1450:4013:c06::122

🇺🇸 64.62.197.38

🇧🇬 5.188.206.30

🇳🇱 5.61.209.33

🇻🇳 222.254.47.36

🇱🇹 141.98.11.34

🇸🇬 47.128.16.19

🇰🇭 220.158.233.26

🇺🇦 217.147.172.82

🇺🇸 157.245.133.163

🇬🇧 92.207.4.157

🇺🇿 84.54.72.66

🇳🇱 45.148.10.147