JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.212.164.16

172.212.164.16 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 96%: ?

96%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.212.164.16

Whois 172.212.164.16

IP Abuse Reports for 172.212.164.16:

This IP address has been reported a total of 27 times from 25 distinct sources. 172.212.164.16 was first reported on September 24th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 /dev/null	2026-06-15 23:46:32 (1 day ago)	RouterOS: Portscanner detected.	Port Scan Brute-Force
🇺🇸 xmission.com	2026-06-14 09:25:33 (2 days ago)	Blocked by UFW (TCP on 8880) Source port: 17344 TTL: 50 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8880) Source port: 17344 TTL: 50 Packet length: 60 TOS: 0x00 This report (for 172.212.164.16) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 Site.eu	2026-06-13 00:23:23 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇧🇪 taivas.nl	2026-06-11 19:32:12 (5 days ago)	Wordpress_xmlrpc_attack	Bad Web Bot
🇩🇪 big-cloud.nl	2026-06-11 19:29:13 (5 days ago)	Try to access /xmlrpc.php	Web App Attack
🇩🇪 grassau.com	2026-06-11 19:26:01 (5 days ago)	(wordpress) Failed wordpress login from 172.212.164.16 (US/United States/Iowa/Des Moines/-)	Brute-Force
🇪🇸 SweetHoneyPress	2026-06-11 19:08:02 (5 days ago)	WordPress honeypot: POST to /xmlrpc.php \| event_id=761993 \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; ... show more WordPress honeypot: POST to /xmlrpc.php \| event_id=761993 \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.37 show less	Web App Attack Brute-Force
🇺🇸 mnsf	2026-06-11 19:05:46 (5 days ago)	Xmlrpc Caught (11) Too many Status 40X (11)	Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-11 19:02:50 (5 days ago)	(wordpress) Failed wordpress login from 172.212.164.16 (US/United States/-)	Brute-Force
🇺🇸 bigwavedave	2026-06-11 19:00:35 (5 days ago)	Wordpress Attack	Web App Attack
🇩🇪 todix	2026-06-11 18:58:51 (5 days ago)	Wordpress brute force or spam attempt from 172.212.164.16	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 18:46:38 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 172.212.164.16 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 172.212.164.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 14:46:31.836785 2026] [security2:error] [pid 1495:tid 1495] [client 172.212.164.16:2902] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eye7graphics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eye7graphics.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aisCh7ht9Q12r1UFhyUkIgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 18:45:19 (5 days ago)	Web attack blocked by Wordfence on mezzia.nl (2 hits). Reported by CRMON.	Web App Attack
Anonymous	2026-06-11 18:40:25 (5 days ago)	[redacted] 172.212.164.16 - - [11/Jun/2026:20:40:10 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" " ... show more [redacted] 172.212.164.16 - - [11/Jun/2026:20:40:10 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.37" [redacted] 172.212.164.16 - - [11/Jun/2026:20:40:12 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 172.212.164.16 - - [11/Jun/2026:20:40:14 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 172.212.164.16 - - [11/Jun/2026:20:40:15 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 172.212.164.16 - - [11/Jun/2026:20:40:17 +0200] "POS ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 06:47:05 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 172.212.164.16 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.212.164.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:47:00.649873 2026] [security2:error] [pid 12030:tid 12030] [client 172.212.164.16:48255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.52"] [uri "/.git/config"] [unique_id "ah_N5PuOwmXh9oV6GXoZ9gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 154.197.57.20

🇮🇳 103.248.120.6

🇺🇸 23.29.118.224

🇬🇧 188.240.59.31

🇧🇷 187.111.157.5

🇺🇸 185.180.141.10

🇩🇪 185.176.94.38

🇮🇶 185.166.25.150

🇺🇸 155.94.163.175

🇺🇸 147.185.132.201

🇸🇬 97.74.88.143

🇮🇹 82.51.158.253

🇳🇱 45.148.10.200

🇸🇬 43.163.95.104

🇧🇷 20.195.176.139

🇨🇳 221.231.140.139

🇳🇱 204.76.203.51

🇭🇰 199.45.154.177

🇺🇸 147.185.132.31

🇮🇳 103.91.246.101