JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.202.100.50

172.202.100.50 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 62%: ?

62%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.202.100.50

Whois 172.202.100.50

IP Abuse Reports for 172.202.100.50:

This IP address has been reported a total of 21 times from 18 distinct sources. 172.202.100.50 was first reported on March 14th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ParaBug	2026-06-14 18:45:50 (9 hours ago)	172.202.100.50 - - [14/Jun/2026:20:45:49 +0200] "GET /.git/HEAD HTTP/1.1" 403 403 "-" "Mozilla/5.0 ( ... show more 172.202.100.50 - - [14/Jun/2026:20:45:49 +0200] "GET /.git/HEAD HTTP/1.1" 403 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Phishing Brute-Force Web App Attack
🇩🇪 DEV-DNS	2026-06-14 15:28:17 (13 hours ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
🇸🇪 NordhTech	2026-06-14 14:00:47 (14 hours ago)	More than 3 malicious connection attempts, trying port(s) 2083/tcp, then blocked from services ...	Port Scan Hacking
Anonymous	2026-06-02 10:04:21 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇸🇰 EVISION	2026-06-02 08:11:33 (1 week ago)	Automatic report from EV firewall log. https://github.com/Ragnarocek/Windows_FW_AbuseIPDB_Reporti ... show more Automatic report from EV firewall log. https://github.com/Ragnarocek/Windows_FW_AbuseIPDB_Reporting ID: M8tSsjHe1F40uWR9mijdprwYUOjweqDU show less	Port Scan Hacking Brute-Force
🇺🇸 xmission.com	2026-06-02 07:53:50 (1 week ago)	Blocked by UFW (TCP on 2087) Source port: 34093 TTL: 53 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 34093 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 172.202.100.50) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 ITSNF	2026-06-02 07:45:14 (1 week ago)	Blocked by os-abuseipdb; 7 hits, proto=tcp, ports=2082,2083,2086,2087,443,8080,8443	Port Scan Hacking
Anonymous	2026-06-02 06:44:38 (1 week ago)	Unauthorized connection	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-05-28 21:16:55 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.202.100.50 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.202.100.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 17:16:47.630512 2026] [security2:error] [pid 14925:tid 14925] [client 172.202.100.50:55238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gilbert-consulting.com"] [uri "/.env"] [unique_id "ahiwvz81vg8BWY3RPk6oHQAAAAI"], referer: https://claude.ai/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-05-28 20:45:02 (2 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-05-28 16:25:04 (2 weeks ago)	Bot / scanning and/or hacking attempts: GET /docker-compose.yml HTTP/2.0, GET /.env.local HTTP/2.0, ... show more Bot / scanning and/or hacking attempts: GET /docker-compose.yml HTTP/2.0, GET /.env.local HTTP/2.0, [22/22] read: stream 0, , GET /cloudbuild.yaml HTTP/2.0, GET /.env.development HTTP/2.0, [24/23] schedule: stream 47, GET /.env.staging, GET /.env HTTP/2.0, [18/18] read: stream 0, , GET /app.yaml HTTP/2.0, GET /.git/config HTTP/2.0, GET /.env.example HTTP/2.0, GET /.env.prod HTTP/2.0, GET /appsettings.json HTTP/2.0, GET /config/.env HTTP/2.0, GET /.env.backup HTTP/2.0, GET /gcp-account.json HTTP/2.0, GET /const.js HTTP/2.0, GET /.aws/credentials HTTP/2.0, GET /settings.json HTTP/2.0, GET /application.yml HTTP/2.0, GET /secrets.yml HTTP/2.0, GET /Jenkinsfile HTTP/2.0, GET /sa-key.json HTTP/2.0, GET /Dockerfile HTTP/2.0, GET /config.json HTTP/2.0, GET /.env.staging HTTP/2.0, GET /config HTTP/2.0, GET /credentials HTTP/2.0, GET /credentials.yml.enc HTTP/2.0, GET /service-account.json HTTP/2.0, GET /credentials.json HTTP/2.0 show less	Hacking Web App Attack
🇩🇪 2048	2026-05-26 15:53:44 (2 weeks ago)	2026-05-26T17:53:32.622877+02:00 machodeer kernel: [2518729.974376] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-26T17:53:32.622877+02:00 machodeer kernel: [2518729.974376] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.202.100.50 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=61261 DF PROTO=TCP SPT=13714 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-26T17:53:40.444415+02:00 machodeer kernel: [2518737.795716] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.202.100.50 DST=REDACTED LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=1 DF PROTO=TCP SPT=13714 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0 2026-05-26T17:53:43.808288+02:00 machodeer kernel: [2518741.159723] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.202.100.50 DST=REDACTED LEN=40 TOS=0x00 PREC=0x00 TTL=105 ID=1 DF PROTO=TCP SPT=13704 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0 show less	Port Scan
🇺🇸 Rayulcifer	2026-04-18 20:46:34 (1 month ago)	172.202.100.50 - - [18/Apr/2026:15:45:10 -0500] "CONNECT ip-count.dstat.uk:443 HTTP/1.1" 502 544 "-" ... show more 172.202.100.50 - - [18/Apr/2026:15:45:10 -0500] "CONNECT ip-count.dstat.uk:443 HTTP/1.1" 502 544 "-" "-" 172.202.100.50 - - [18/Apr/2026:15:46:33 -0500] "CONNECT ip-count.dstat.uk:443 HTTP/1.1" 502 544 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇸 Rayulcifer	2026-04-17 01:15:11 (1 month ago)	172.202.100.50 - - [16/Apr/2026:20:15:09 -0500] "GET http://httpbin.org/ip HTTP/1.1" 200 874 "-" "ax ... show more 172.202.100.50 - - [16/Apr/2026:20:15:09 -0500] "GET http://httpbin.org/ip HTTP/1.1" 200 874 "-" "axios/1.14.0" 172.202.100.50 - - [16/Apr/2026:20:15:09 -0500] "GET http://httpbin.org/get HTTP/1.1" 200 874 "-" "axios/1.14.0" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇸 Rayulcifer	2026-04-11 22:24:44 (2 months ago)	172.202.100.50 - - [11/Apr/2026:17:24:42 -0500] "GET https://fglt.net HTTP/1.1" 200 90587 "-" "Mozil ... show more 172.202.100.50 - - [11/Apr/2026:17:24:42 -0500] "GET https://fglt.net HTTP/1.1" 200 90587 "-" "Mozilla/5.0 (Linux; Android 14; SM-S918B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36" 172.202.100.50 - - [11/Apr/2026:17:24:42 -0500] "GET https://fglt.net HTTP/1.1" 200 90586 "-" "Mozilla/5.0 (Linux; Android 14; SM-S918B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇰 220.247.224.226

🇺🇸 216.180.246.155

🇮🇶 65.20.205.197

🇺🇸 64.62.197.91

🇺🇸 52.20.198.190

🇨🇦 34.130.208.137

🇺🇸 23.94.92.98

🇨🇳 223.85.102.138

🇧🇪 198.235.24.247

🇧🇪 198.235.24.245

🇮🇳 182.95.106.138

🇺🇸 174.138.40.30

🇩🇪 165.22.76.0

🇺🇸 150.107.38.162

🇫🇷 146.70.194.228

🇬🇧 138.68.133.230

🇮🇳 122.180.21.11

🇵🇰 115.42.70.26

🇺🇸 104.152.52.104

🇩🇪 69.5.169.135