JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.222.242.172

185.222.242.172 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 50%: ?

50%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51167
Hostname(s)	vmi3389227.contaboserver.net
Domain Name	contabo.com
Country	🇫🇷 France
City	Lauterbourg, Grand Est

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.222.242.172

Whois 185.222.242.172

IP Abuse Reports for 185.222.242.172:

This IP address has been reported a total of 60 times from 44 distinct sources. 185.222.242.172 was first reported on April 29th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 knock	2026-05-21 17:55:55 (1 month ago)	Knock-Knock honeypot brute-force: proto8 (1 total hits)	Brute-Force
🇬🇧 PeravixGroup	2026-05-21 11:42:32 (1 month ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 RAP	2026-05-21 10:49:41 (1 month ago)	2026-05-21 10:49:41 UTC Unauthorized activity to TCP port 9200.	Port Scan
🇨🇳 ThreatBook.io	2026-05-18 23:10:03 (1 month ago)	2026-05-18 02:49:56 /	Web App Attack
🇪🇸 librebit	2026-05-18 12:56:23 (1 month ago)	Brute force	Brute-Force
🇺🇸 RAP	2026-05-18 09:55:22 (1 month ago)	2026-05-18 09:55:22 UTC Unauthorized activity to TCP port 9200.	Port Scan
Anonymous	2026-05-18 06:00:34 (1 month ago)	2026-05-18T07:00:33.619329+01:00 vps kernel: [40824216.248801] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-18T07:00:33.619329+01:00 vps kernel: [40824216.248801] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=185.222.242.172 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=41141 DF PROTO=TCP SPT=47066 DPT=9200 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇺🇸 xmission.com	2026-05-18 05:55:14 (1 month ago)	Blocked by UFW (TCP on 9200) Source port: 35090 TTL: 47 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 9200) Source port: 35090 TTL: 47 Packet length: 60 TOS: 0x08 This report (for 185.222.242.172) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 KPS	2026-05-18 02:29:10 (1 month ago)	PortscanM	Port Scan
🇹🇼 ashiyasayo	2026-05-18 00:46:57 (1 month ago)	Detected Server-Side Request Forgery (SSRF) attempt.	Web App Attack
🇸🇬 Starburst SysOp Team	2026-05-17 23:43:27 (1 month ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-sin2-2)	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-05-17 20:18:49 (1 month ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 RAP	2026-05-17 17:05:31 (1 month ago)	2026-05-17 17:05:31 UTC Unauthorized activity to TCP port 9200.	Port Scan
🇺🇸 xmission.com	2026-05-17 14:06:37 (1 month ago)	Blocked by UFW (TCP on 9200) Source port: 39610 TTL: 44 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 9200) Source port: 39610 TTL: 44 Packet length: 60 TOS: 0x08 This report (for 185.222.242.172) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇦 Slackin' Jack	2026-05-17 11:44:27 (1 month ago)	Unauthorized scraper/crawler on port 80/443. (185.222.242.172)	Bad Web Bot

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.202.112.10

🇺🇸 162.216.150.83

🇺🇸 152.32.183.13

🇵🇰 119.73.102.247

🇫🇷 62.210.38.102

🇨🇳 175.30.48.59

🇨🇳 175.19.75.240

🇺🇸 165.154.36.245

🇺🇸 147.185.132.55

🇭🇰 124.156.129.246

🇨🇳 124.31.106.236

🇨🇳 123.160.234.96

🇫🇷 85.217.140.34

🇰🇷 59.12.160.91

🇮🇳 52.140.76.154

🇲🇾 47.250.162.17

🇺🇸 47.88.16.55

🇯🇵 8.216.10.242

🇺🇸 2a0a:d683:d9b5:7db3:319d:ad6:de28:7d04

🇺🇸 2607:f8b0:4004:100d::12a