JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.182.225.162

172.182.225.162 was found in our database!

This IP was reported 96 times. Confidence of Abuse is 89%: ?

89%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.182.225.162

Whois 172.182.225.162

IP Abuse Reports for 172.182.225.162:

This IP address has been reported a total of 96 times from 72 distinct sources. 172.182.225.162 was first reported on January 25th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 12:40:27 (4 days ago)	172.182.225.162 - - [02/Jun/2026:12:40:27 +0000] "GET /.env.local HTTP/1.1" 404 400 "-" "Mozilla/5.0 ... show more 172.182.225.162 - - [02/Jun/2026:12:40:27 +0000] "GET /.env.local HTTP/1.1" 404 400 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 12:20:16 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 08:20:09.011187 2026] [security2:error] [pid 810:tid 810] [client 172.182.225.162:46096] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.193"] [uri "/.env"] [unique_id "ah7KedmM5nWvD6XSo6mAKgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:55:30 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:55:23.065054 2026] [security2:error] [pid 30480:tid 30480] [client 172.182.225.162:46105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.13"] [uri "/.git/HEAD"] [unique_id "ah7Eq1ZtQkhbf0SczsSCOQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:34:01 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:33:54.987427 2026] [security2:error] [pid 18935:tid 18935] [client 172.182.225.162:46101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.229"] [uri "/.git/HEAD"] [unique_id "ah6_oiR6DPAlRuFofpOKjwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-02 09:24:55 (4 days ago)	Too many 404 requests [BY]	Web App Attack
🇩🇪 EinfxchFinn	2026-06-02 08:52:02 (4 days ago)	Unauthorized connection attempt to port 443 from 172.182.225.162	Port Scan
🇺🇸 KitsuneTech	2026-06-02 08:42:14 (4 days ago)	172.182.225.162 - - [02/Jun/2026:03:42:13 -0500] "GET /wp-config.php HTTP/1.1" 301 244 "-" "Mozilla/ ... show more 172.182.225.162 - - [02/Jun/2026:03:42:13 -0500] "GET /wp-config.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇹🇭 Sawasdee	2026-06-02 07:58:31 (4 days ago)	Port Scan ...	Port Scan
🇹🇭 MWA SOC	2026-06-02 06:49:10 (4 days ago)		Hacking
🇯🇵 VXG-NET	2026-06-02 05:58:21 (4 days ago)	port=80, indicator_type=info-leak	Hacking
🇺🇸 RAP	2026-06-02 04:29:59 (4 days ago)	2026-06-02 04:29:59 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇧🇷 chronos	2026-06-02 04:22:11 (4 days ago)	Web traffic. Possible probing or exploitation attempts. \| Port: 443 \| Proto: TCP \| Location: United ... show more Web traffic. Possible probing or exploitation attempts. \| Port: 443 \| Proto: TCP \| Location: United States, Phoenix show less	Bad Web Bot Hacking Web App Attack
🇩🇪 ghostwarriors	2026-06-02 03:20:10 (4 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-02 02:46:47 (4 days ago)	Honeypot detection: Ransomware precursor activity or payload delivery on port 8443. Severity: CRITIC ... show more Honeypot detection: Ransomware precursor activity or payload delivery on port 8443. Severity: CRITICAL. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-02 02:36:05 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.182.225.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 22:35:57.826078 2026] [security2:error] [pid 12320:tid 12329] [client 172.182.225.162:29080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.133"] [uri "/.git/config"] [unique_id "ah5BjUxUI0F2F6thMq46KQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 96 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.156.87.93

🇬🇧 217.146.80.121

🇰🇷 211.63.187.238

🇸🇬 193.37.32.69

🇺🇸 165.154.255.26

🇺🇸 154.28.229.92

🇺🇸 208.87.243.131

🇰🇷 121.165.187.77

🇺🇸 67.215.244.153

🇺🇸 52.225.83.240

🇳🇱 45.148.10.183

🇨🇭 45.143.200.246

🇳🇱 2a13:adc0::2db:cfff:fe2b:2b8a

🇺🇸 186.233.184.67

🇨🇳 182.54.23.197

🇧🇷 177.20.192.30

🇨🇳 175.4.104.50

🇨🇳 122.96.28.183

🇨🇳 122.96.28.12

🇳🇱 80.82.70.228