JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.182.224.162

172.182.224.162 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 94%: ?

94%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.182.224.162

Whois 172.182.224.162

IP Abuse Reports for 172.182.224.162:

This IP address has been reported a total of 46 times from 32 distinct sources. 172.182.224.162 was first reported on September 21st 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-15 10:40:05 (5 days ago)	tcp port scan (20 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-15 09:43:57 (5 days ago)	tcp/2078 (2 or more attempts)	Port Scan
🇫🇷 masterguru	2026-06-15 06:05:16 (5 days ago)	Host header is a numeric IP address. Pattern match "^ (920350-131)	Hacking Bad Web Bot
🇫🇷 Little Iguana	2026-06-15 05:55:48 (5 days ago)	trying to access non-authorized port	Port Scan
🇧🇷 maviei	2026-06-15 05:55:17 (5 days ago)	2026-06-15T02:55:16.633620-03:00 srv1251771 kernel: [1269746.077344] [UFW BLOCK] IN=eth0 OUT= MAC=40 ... show more 2026-06-15T02:55:16.633620-03:00 srv1251771 kernel: [1269746.077344] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.182.224.162 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=13307 DF PROTO=TCP SPT=60739 DPT=2078 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-15T02:55:16.634768-03:00 srv1251771 kernel: [1269746.078370] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.182.224.162 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=24446 DF PROTO=TCP SPT=60741 DPT=2095 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-15T02:55:16.635312-03:00 srv1251771 kernel: [1269746.078399] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.182.224.162 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=62107 DF PROTO=TCP SPT=60742 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-06-15 05:25:28 (5 days ago)	Honeypot hit: Empty payload (likely service probe); 2083 [1] TCP Reported by: https://github.com/sef ... show more Honeypot hit: Empty payload (likely service probe); 2083 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇫🇷 LoneRider	2026-06-15 05:03:21 (5 days ago)	[15/Jun/2026:07:03:18.164024 +0200] ai-Hlu3huymUA-0lhCTqkAAAAAc 172.182.224.162 38674 127.0.0.1 7080 ... show more [15/Jun/2026:07:03:18.164024 +0200] ai-Hlu3huymUA-0lhCTqkAAAAAc 172.182.224.162 38674 127.0.0.1 7080 [15/Jun/2026:07:03:19.318010 +0200] ai-HlwlF3N-jIzILopBjGwAAAA0 172.182.224.162 38678 127.0.0.1 7080 [15/Jun/2026:07:03:21.142782 +0200] ai-HmTHoac_rl8avUwTG2gAAAAY 172.182.224.162 34596 127.0.0.1 7080 ... show less	Hacking
🇫🇷 dwmp	2026-06-15 04:54:33 (5 days ago)	[15/Jun/2026:06:54:25.749817 +0200] ai@FgRvu8xRaU-Ps47aWiAAAAJI 172.182.224.162 57956 38.242.227.117 ... show more [15/Jun/2026:06:54:25.749817 +0200] ai@FgRvu8xRaU-Ps47aWiAAAAJI 172.182.224.162 57956 38.242.227.117 7080 [15/Jun/2026:06:54:29.157828 +0200] ai@FhcZK7EU5Q@1DnFPI@gAAAAs 172.182.224.162 57958 38.242.227.117 7080 [15/Jun/2026:06:54:33.057065 +0200] ai@FieZH68-07mAH6bQLeAAAAEI 172.182.224.162 57962 38.242.227.117 7080 ... show less	Brute-Force SSH
Anonymous	2026-06-15 03:55:03 (5 days ago)	172.182.224.162 - - [15/Jun/2026:05:54:58 +0200] "GET /backup.sql HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 172.182.224.162 - - [15/Jun/2026:05:54:58 +0200] "GET /backup.sql HTTP/1.1" 301 162 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:56:17 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.224.162 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.224.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:56:10.925617 2026] [security2:error] [pid 1436:tid 1436] [client 172.182.224.162:60492] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.4"] [uri "/.env"] [unique_id "ai9bug92ROBW1BowNQL8EAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-15 01:29:00 (5 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 xmission.com	2026-06-15 01:26:02 (5 days ago)	Blocked by UFW (TCP on 2078) Source port: 60618 TTL: 52 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 60618 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 172.182.224.162) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 dynamix	2026-06-15 00:32:38 (5 days ago)	Multiple WAF Violations	Web App Attack
🇧🇷 SOC PR	2026-06-07 07:44:37 (1 week ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇨🇱 Denis Chavez	2026-06-07 07:19:25 (1 week ago)	Fail2Ban detected malicious activity on Nginx	Brute-Force SSH Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 161.18.234.168

🇺🇸 96.78.175.36

🇭🇰 47.82.75.232

🇬🇹 190.61.100.167

🇦🇷 186.39.158.218

🇿🇦 165.165.132.134

🇨🇳 112.86.225.14

🇮🇳 106.205.203.11

🇳🇱 91.92.40.50

🇺🇸 44.222.69.91

🇸🇬 43.160.204.7

🇨🇴 38.51.233.74

🇬🇧 35.203.210.221

🇺🇸 20.168.0.72

🇮🇪 207.254.29.22

🇳🇱 185.93.89.167

🇬🇧 185.91.69.196

🇮🇩 182.9.34.54

🇻🇳 160.250.132.20

🇨🇴 149.78.168.69