AbuseIPDB » 172.202.117.213

172.202.117.213 was found in our database!

This IP was reported 576 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Hostname(s)	azpdcexdg7i9.stretchoid.com
Domain Name	microsoft.com
Country	United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 172.202.117.213

Whois 172.202.117.213

IP Abuse Reports for 172.202.117.213:

This IP address has been reported a total of 576 times from 168 distinct sources. 172.202.117.213 was first reported on February 19th 2025, and the most recent report was 27 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
ⓔⓜⓙⓔⓔ	2025-03-28 16:08:56 (27 minutes ago)	WEB 🕸 Honeypot: scanning-probing /owa/auth/logon.aspx	Bad Web Bot Web App Attack
StopAbuse	2025-03-28 11:35:11 (5 hours ago)	tcp/443	Port Scan
Anonymous	2025-03-28 11:24:45 (5 hours ago)	[27/Mar/2025:10:39:32 -0400] "GET /owa/auth/logon.aspx HTTP/1.1" "Mozilla/5.0 zgrab/0.x"	Hacking
Anonymous	2025-03-28 10:57:05 (5 hours ago)	Fail2ban Nginx log integration.	Port Scan Brute-Force SSH
jkhorvath.com	2025-03-28 09:20:23 (7 hours ago)	Request for URL /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application	Phishing Brute-Force Web App Attack
Study Bitcoin 🤗	2025-03-28 08:58:48 (7 hours ago)	Port probe to tcp/443 (https) [srv134]	Port Scan Brute-Force Bad Web Bot Web App Attack
Stefan Dreher	2025-03-28 04:26:07 (12 hours ago)	172.202.117.213 - - [28/Mar/2025:05:26:07 +0100] "GET /ecp/Current/exporttool/microsoft.exchange.edi ... show more172.202.117.213 - - [28/Mar/2025:05:26:07 +0100] "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 404 125 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
barbarella	2025-03-28 04:06:42 (12 hours ago)	Tried to call Outlook Auto Discover methods (GET /ecp/Current/exporttool/microsoft.exchange.ediscov ... show moreTried to call Outlook Auto Discover methods (GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application) show less	Hacking Web App Attack
sid3windr	2025-03-28 03:37:29 (12 hours ago)	GET /owa/auth/logon.aspx (Tarpitted for 1d15h8m27s, wasted 8.06MB)	Web App Attack
Study Bitcoin 🤗	2025-03-28 01:40:37 (14 hours ago)	2 port probes: 2x tcp/443 (https) [srv125]	Port Scan Brute-Force Bad Web Bot Web App Attack
tg_de	2025-03-27 19:06:37 (21 hours ago)	5 attempts since 23.02.2025 11:14:59 UTC - last search for: /owa/auth/logon.aspx	Web App Attack
Andrew	2025-03-27 18:05:47 (22 hours ago)	Blocked by UFW (TCP on port 443). Source port: 45234 TTL: 236 Packet length: 40<br ... show moreBlocked by UFW (TCP on port 443). Source port: 45234 TTL: 236 Packet length: 40 TOS: 0x00 This report (for 172.202.117.213) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
MPL	2025-03-27 15:37:14 (1 day ago)	tcp/443 (2 or more attempts)	Port Scan
WebRanger	2025-03-27 14:20:31 (1 day ago)	GET /owa/auth/logon.aspx HTTP/1.1 403 146 "- GET /owa/auth/logon.aspx HTTP/1.1" 403 146 "-" "Mozilla ... show moreGET /owa/auth/logon.aspx HTTP/1.1 403 146 "- GET /owa/auth/logon.aspx HTTP/1.1" 403 146 "-" "Mozilla/5.0 zgrab/0.x" "- show less	Web App Attack
sbocquet	2025-03-27 12:52:23 (1 day ago)	Port 443 scanned.	Port Scan

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩