JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.182.224.197

172.182.224.197 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 99%: ?

99%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.182.224.197

Whois 172.182.224.197

IP Abuse Reports for 172.182.224.197:

This IP address has been reported a total of 86 times from 44 distinct sources. 172.182.224.197 was first reported on July 29th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-14 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-14 01:54:25 (2 days ago)	2026-06-14 01:54:25 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇷🇸 Scan	2026-06-14 00:30:08 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇸🇰 EVISION	2026-06-13 15:23:30 (2 days ago)	Automatic report from EV firewall log. https://github.com/Ragnarocek/Windows_FW_AbuseIPDB_Reporti ... show more Automatic report from EV firewall log. https://github.com/Ragnarocek/Windows_FW_AbuseIPDB_Reporting ID: 6AIY3QfBzx6YavVH1qMh2QD9uNlv7yYj show less	Port Scan Hacking Brute-Force
Anonymous	2026-06-13 15:04:24 (2 days ago)	PORT & IP Scan.	Port Scan Brute-Force
🇦🇷 Bruno	2026-06-13 14:35:42 (2 days ago)	Port Scanner: 172.182.224.197	Port Scan
Anonymous	2026-06-13 14:11:49 (2 days ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇺🇸 xmission.com	2026-06-13 12:56:49 (2 days ago)	Blocked by UFW (TCP on 8880) Source port: 8192 TTL: 52 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 8880) Source port: 8192 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 172.182.224.197) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 london2038.com	2026-06-13 12:38:01 (2 days ago)	Connection atttempts against closed TCP ports Jun 13 14:38:00 BLOCK SRC=172.182.224.197 LEN=60 TOS=0 ... show more Connection atttempts against closed TCP ports Jun 13 14:38:00 BLOCK SRC=172.182.224.197 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=17839 DF PROTO=TCP SPT=8129 DPT=2087 WINDOW=64240 RES=0x00 SYN Jun 13 14:38:00 BLOCK SRC=172.182.224.197 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=47871 DF PROTO=TCP SPT=8129 DPT=3001 WINDOW=64240 RES=0x00 SYN Jun 13 14:38:00 BLOCK SRC=172.182.224.197 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=28722 DF PROTO=TCP SPT=8128 DPT=8000 WINDOW=64240 RES=0x00 SYN show less	Port Scan
🇳🇱 Selckie	2026-06-10 20:37:24 (5 days ago)	fail2ban: NGINX unusual impact	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 19:43:17 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.224.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.224.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:43:12.706166 2026] [security2:error] [pid 8241:tid 8241] [client 172.182.224.197:57282] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.160"] [uri "/.git/HEAD"] [unique_id "aim-UCqSOLnnbgj8Cb0vpwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 drewf.ink	2026-06-10 18:53:38 (5 days ago)	[18:53] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇺🇸 TPI-Abuse	2026-06-10 17:20:18 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.224.197 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.224.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:20:11.616374 2026] [security2:error] [pid 6659:tid 6659] [client 172.182.224.197:56048] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.170"] [uri "/.git/HEAD"] [unique_id "aimcy9WwTw-9ekwiGwRsWQAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 17:03:27 (5 days ago)	[Wed Jun 10 10:03:18.505979 2026] [authz_core:error] [pid 1644285] [client 172.182.224.197:56224] AH ... show more [Wed Jun 10 10:03:18.505979 2026] [authz_core:error] [pid 1644285] [client 172.182.224.197:56224] AH01630: client denied by server configuration: /home/appowner/www/sec/.git [Wed Jun 10 10:03:19.900612 2026] [authz_core:error] [pid 1644290] [client 172.182.224.197:57297] AH01630: client denied by server configuration: /home/appowner/www/sec/.env [Wed Jun 10 10:03:20.880311 2026] [authz_core:error] [pid 1644284] [client 172.182.224.197:57300] AH01630: client denied by server configuration: /home/appowner/www/sec/.env.local [Wed Jun 10 10:03:25.871214 2026] [authz_core:error] [pid 1644287] [client 172.182.224.197:56198] AH01630: client denied by server configuration: /home/appowner/www/sec/.aws [Wed Jun 10 10:03:26.734976 2026] [authz_core:error] [pid 1644437] [client 172.182.224.197:57345] AH01630: client denied by server configuration: /home/appowner/www/sec/config ... show less	Brute-Force SSH
🇵🇹 rncbc	2026-06-10 16:36:02 (5 days ago)	[Wed Jun 10 17:36:00.054914 2026] [authz_core:error] [pid 692325:tid 692325] [client 172.182.224.197 ... show more [Wed Jun 10 17:36:00.054914 2026] [authz_core:error] [pid 692325:tid 692325] [client 172.182.224.197:56413] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/.git [Wed Jun 10 17:36:00.788276 2026] [authz_core:error] [pid 694864:tid 694864] [client 172.182.224.197:56409] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/.git [Wed Jun 10 17:36:02.341660 2026] [authz_core:error] [pid 694865:tid 694865] [client 172.182.224.197:56474] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/.env ... show less	Brute-Force Bad Web Bot Web App Attack SSH

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇰🇷 183.103.201.4

🇮🇹 172.253.12.149

🇩🇪 167.94.145.19

🇺🇸 161.35.3.215

🇺🇸 130.131.161.148

🇺🇸 109.105.209.111

🇫🇷 91.231.89.47

🇮🇷 80.191.103.21

🇫🇮 65.109.208.248

🇺🇸 64.23.156.7

🇩🇪 63.177.100.126

🇬🇧 35.203.210.148

🇫🇷 185.194.219.72

🇮🇶 185.166.25.150

🇰🇷 182.31.145.2

🇮🇳 168.144.185.145

🇫🇷 146.59.159.179

🇺🇸 143.42.1.191

🇹🇭 124.122.129.177