JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.202.102.217

172.202.102.217 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 70%: ?

70%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.202.102.217

Whois 172.202.102.217

IP Abuse Reports for 172.202.102.217:

This IP address has been reported a total of 12 times from 12 distinct sources. 172.202.102.217 was first reported on April 13th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 EGP Abuse Dept	2026-06-08 06:14:52 (1 hour ago)	Scanning for web/db/file exploits on tpc-053.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack
🇩🇪 keep_out	2026-06-08 05:40:24 (2 hours ago)	89-nginx-404 ...	Bad Web Bot Web App Attack
🇺🇸 Ar1s	2026-06-08 05:33:35 (2 hours ago)	[1:2610542] TGI HUNT gitrepo HTTP Probe ::: Port: 80/TCP	Exploited Host
🇬🇧 djboddington	2026-06-08 05:29:05 (2 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇦 Scientific Route	2026-06-08 05:10:41 (3 hours ago)	172.202.102.217 - - [08/Jun/2026:08:10:38 +0300] "GET /.env HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Wind ... show more 172.202.102.217 - - [08/Jun/2026:08:10:38 +0300] "GET /.env HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.202.102.217 - - [08/Jun/2026:08:10:40 +0300] "GET /.env.production HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Web App Attack
🇩🇪 tg_de	2026-06-08 05:00:40 (3 hours ago)	22 attempts since 08.06.2026 07:00:07 CEST - last search for: /___proxy_subdomain_whm/login/	Web App Attack
Anonymous	2026-06-08 04:54:10 (3 hours ago)	Honeypot hit: Empty payload (likely service probe); 2087 [4], 2083 [1], 2086 [1], 2082 [1] TCP Repor ... show more Honeypot hit: Empty payload (likely service probe); 2087 [4], 2083 [1], 2086 [1], 2082 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-07 20:32:50 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 172.202.102.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.202.102.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:32:44.087095 2026] [security2:error] [pid 19857:tid 19857] [client 172.202.102.217:62046] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.32"] [uri "/.git/HEAD"] [unique_id "aiXVbIEQaoLgLn-YY54EKwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 VXG-NET	2026-06-07 20:20:39 (11 hours ago)	port=80, indicator_type=info-leak	Hacking
🇵🇱 Wepted	2026-06-07 19:43:00 (12 hours ago)	Port scan detected by honeypot	Port Scan Hacking
🇺🇸 MPL	2026-06-07 15:56:14 (16 hours ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 Rayulcifer	2026-04-13 05:03:41 (1 month ago)	172.202.102.217 - - [13/Apr/2026:00:03:40 -0500] "GET https://858969.xyz HTTP/1.1" 200 90567 "https: ... show more 172.202.102.217 - - [13/Apr/2026:00:03:40 -0500] "GET https://858969.xyz HTTP/1.1" 200 90567 "https://www.google.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" 172.202.102.217 - - [13/Apr/2026:00:03:41 -0500] "GET https://858969.xyz HTTP/1.1" 200 90566 "https://www.google.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.255.159

🇺🇸 192.227.221.227

🇳🇱 172.94.9.136

🇺🇸 165.154.134.138

🇺🇸 74.249.128.248

🇩🇪 49.13.222.98

🇨🇭 37.120.213.13

🇳🇱 213.177.179.80

🇸🇬 203.116.129.55

🇮🇳 103.84.236.242

🇱🇹 62.60.130.59

🇲🇳 59.153.112.237

🇨🇳 59.52.179.112

🇩🇪 47.245.139.22

🇧🇪 34.14.102.210

🇺🇸 20.64.106.18

🇨🇳 180.102.110.160

🇧🇷 177.74.188.179

🇮🇳 135.235.138.43

🇧🇩 123.49.38.114