JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.182.213.2

172.182.213.2 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.182.213.2

Whois 172.182.213.2

IP Abuse Reports for 172.182.213.2:

This IP address has been reported a total of 51 times from 44 distinct sources. 172.182.213.2 was first reported on October 6th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mw	2026-06-04 00:43:42 (9 hours ago)	Web App Attack	Web App Attack
🇬🇧 andypiper	2026-06-03 01:00:21 (1 day ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 mw	2026-06-03 00:16:36 (1 day ago)	Web App Attack	Web App Attack
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 22:42:37 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 172.182.213.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.182.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 18:42:33.630913 2026] [security2:error] [pid 19220:tid 19220] [client 172.182.213.2:1989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.9"] [uri "/.git/HEAD"] [unique_id "ah9cWc9Ab4kViXnSGGjYqQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Kepler-1649c	2026-06-02 22:05:21 (1 day ago)	Detected Attack: HTPasswd.Access	Hacking
🇺🇸 TPI-Abuse	2026-06-02 21:22:06 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 172.182.213.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.182.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:21:37.070700 2026] [security2:error] [pid 13142:tid 13142] [client 172.182.213.2:1997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.19"] [uri "/.git/HEAD"] [unique_id "ah9JYT6kOo6eZuNMfh8hBQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 barbarella	2026-06-02 21:17:11 (1 day ago)	Multiple (9) times attack on http port 80: hacking attempt of version control system (GET /.git/HEAD ... show more Multiple (9) times attack on http port 80: hacking attempt of version control system (GET /.git/HEAD) 21:17:13 Configuration snooping with .env file (GET /.env) 21:17:17 Configuration snooping with modified .env.* file (GET /.env.backup) 21:17:18 Configuration snooping with modified .env.* file (GET /.env.save) 21:17:20 Hacking attempt of Wordpress (GET /wp-config.php) 21:17:25 PHP Configuration snooping with phpinfo file (GET /phpinfo.php) 21:17:34 Tried to access database management (GET /backup.sql) 21:17:41 hacking attempt (POST /___proxy_subdomain_whm/login/?login_only=1) 21:17:42 hacking attempt (GET /___proxy_subdomain_whm/login/) show less	Hacking Web App Attack
🇬🇧 sandra361	2026-06-02 21:05:01 (1 day ago)	Port scan detected: 7 attempts across 7 ports (2082,2083,2086,443,80,8080,8443). \| Evidence: GHOST_S ... show more Port scan detected: 7 attempts across 7 ports (2082,2083,2086,443,80,8080,8443). \| Evidence: GHOST_SCAN:IN=enp1s0f0 OUT= SRC=172.182.213.2 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=55335 DF PROTO=TCP SPT=1985 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
Anonymous	2026-06-02 21:03:57 (1 day ago)	PORT & IP Scan.	Port Scan Brute-Force
🇫🇷 Richie	2026-06-02 20:48:01 (1 day ago)	[HOST2] Port Scan detected	Port Scan
🇫🇷 dynamix	2026-06-02 20:04:50 (1 day ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-02 19:46:06 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 Hulk Smash	2026-06-02 18:53:20 (1 day ago)	Automated report, webserver-auth troll for exploits and/or SSH Attempts	Brute-Force Hacking
🇺🇸 RAP	2026-06-02 17:44:11 (1 day ago)	2026-06-02 17:44:11 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 172.94.9.120

🇺🇸 162.214.126.112

🇦🇷 148.222.130.110

🇷🇴 92.118.39.236

🇺🇸 72.239.145.229

🇺🇸 47.42.131.93

🇧🇷 189.201.197.8

🇵🇰 182.183.152.4

🇧🇷 177.194.81.22

🇧🇷 177.184.71.117

🇰🇷 175.204.181.248

🇺🇸 118.193.77.50

🇺🇸 104.28.158.253

🇨🇳 101.96.199.69

🇺🇸 91.230.168.120

🇪🇸 82.223.24.195

🇧🇬 79.124.40.126

🇺🇸 64.62.156.80

🇬🇧 35.203.211.182

🇳🇱 20.71.254.235