JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.184.211.166

172.184.211.166 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 60%: ?

60%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.184.211.166

Whois 172.184.211.166

IP Abuse Reports for 172.184.211.166:

This IP address has been reported a total of 21 times from 15 distinct sources. 172.184.211.166 was first reported on November 18th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Little Iguana	2026-06-15 06:09:03 (1 day ago)	trying to access non-authorized port	Port Scan
🇹🇼 kk_it_man	2026-06-15 05:40:12 (1 day ago)		Port Scan
🇹🇷 SeczarSecureOps	2026-06-15 05:04:14 (1 day ago)	Seczar SecureOps — Port Scan Detection (8 events) — quarantined 43200m on fwofis	Port Scan
🇷🇸 Scan	2026-06-15 01:33:35 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇦🇹 urnilxfgbez	2026-06-11 22:45:00 (4 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 centurion	2026-06-11 01:15:19 (5 days ago)	Unauthorized attempt on uptime [2087/tcp] Source port: 40906 TTL: 50 Packet length: 60 TOS: 0x00 htt ... show more Unauthorized attempt on uptime [2087/tcp] Source port: 40906 TTL: 50 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-11 00:20:48 (5 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-10 23:11:35 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 19:11:28.203479 2026] [security2:error] [pid 8836:tid 8839] [client 172.184.211.166:40059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.14"] [uri "/.git/HEAD"] [unique_id "ainvIJVeCzuqokywqQP2cgAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 21:07:25 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:07:21.909257 2026] [security2:error] [pid 13809:tid 13809] [client 172.184.211.166:39410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.247"] [uri "/.git/HEAD"] [unique_id "ainSCZ--V5imvgYHK_wDbQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:42:09 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:42:02.727874 2026] [security2:error] [pid 32656:tid 32656] [client 172.184.211.166:40490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.187"] [uri "/.git/HEAD"] [unique_id "ainMGgo7rVr5tMLtG2lZjAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:14:12 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.184.211.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:14:08.790779 2026] [security2:error] [pid 11322:tid 11322] [client 172.184.211.166:40848] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.219"] [uri "/.git/HEAD"] [unique_id "ainFkCPd34uBdCHIbisACgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ByeByte API	2026-06-01 21:28:01 (2 weeks ago)	Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 8848. Single burst at 202 ... show more Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 8848. Single burst at 2026-06-01 21:28 UTC. show less	Port Scan
🇺🇸 Cyber Crusader	2026-06-01 13:15:19 (2 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇩🇪 2048	2026-05-25 19:50:43 (3 weeks ago)	2026-05-25T21:50:40.775816+02:00 machodeer kernel: [2446558.129336] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-25T21:50:40.775816+02:00 machodeer kernel: [2446558.129336] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.184.211.166 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=14226 DF PROTO=TCP SPT=14283 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-25T21:50:41.819620+02:00 machodeer kernel: [2446559.173137] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.184.211.166 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=14227 DF PROTO=TCP SPT=14283 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-25T21:50:42.843613+02:00 machodeer kernel: [2446560.197116] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.184.211.166 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=14228 DF PROTO=TCP SPT=14283 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇷🇺 green_elephant	2026-04-26 12:10:28 (1 month ago)	ET SCAN Potential SSH Scan (172.184.211.166:18368 -> port 22) \| packets: 2	Port Scan Brute-Force SSH

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.48.6

🇨🇳 117.35.104.62

🇳🇱 91.92.40.124

🇫🇷 85.217.140.22

🇧🇬 79.124.62.126

🇷🇴 2.57.121.25

🇬🇧 2a06:4880:2000::

🇫🇷 194.163.162.229

🇮🇩 180.242.69.205

🇮🇳 172.253.220.29

🇩🇪 167.94.146.59

🇺🇸 162.216.150.201

🇺🇸 66.132.186.219

🇮🇳 59.98.148.5

🇫🇷 51.68.34.131

🇳🇱 45.148.10.147

🇬🇧 217.154.45.93

🇩🇪 167.94.146.34

🇭🇰 119.246.15.94

🇳🇱 45.148.10.15