Outpost / reputation
Get API key →

IP reputation lookup

Geolocation, network attribution and threat signals for any IPv4 address. Backed by 6 honeypots and a dozen public blocklists.

200 queries / day · free
status ● operational
Try: 88.198.24.108 1.1.1.1 8.8.8.8 SSHD brute force → log4j attack logs →
Result for
172.174.72.225
AS8075 MICROSOFT-CORP-MSN-AS-BLOCK, US 🇩🇪 Germany Apache/2.4.18 (Ubuntu)
Suspicious
82 / 100
Reputation score

Reputation signals

1 of 6 categories triggered
Web spam
Clean
No match · Comment & forum spam blocklists (StopForumSpam, NOC forum networks).
Web attacks
Clean
No match · IP observed in web exploit attempts and DShield /24 lists.
Botnet C2
Clean
No match · C2 indicators from ccabuse and feodotracker.
Email spam
Clean
No match · Spamhaus DROP / EDROP listings.
Brute force
Detected
Captured by SSHD honeypot in last 24 h.
DDoS source
Clean
No match · Recent amplification or volumetric activity.

Network usage

probe @ 23 May 2026 14:02 UTC
Routable true
Hosting provider false
Pingable (ICMP) false
Tor exit node false
Web server Apache/2.4.18 (Ubuntu)
Open proxy / VPN false
Bogon (unroutable)false
Country 🇩🇪 DE

Recommended actions

based on detected signals
BLOCK
Block traffic
Drop traffic from this IP at your firewall / edge.
BLOCK
Block account registrations
Prevent sign-ups from this address.
BLOCK
Block comments & forms
Block forum, comment and contact-form submissions.

Why: Likely malicious traffic from blacklisted IP addresses.

.htaccess nginx iptables
# Outpost · block 172.174.72.225 (suspicious · 82/100) # 1 reputation signal detected Require all granted Require not ip 172.174.72.225 # or block the entire /24: Require not ip 172.174.72.0/24

Raw response

application/json · cached 60s
{ "ip": "172.174.72.225", "reverse": false, "as_number": "8075", "as_name": "MICROSOFT-CORP-MSN-AS-BLOCK, US", "country_code": "DE", "country": "Germany", "usage": { "is_pingable": false, "is_webserver": true, "is_routable": true, "webserver": "Apache/2.4.18 (Ubuntu)", "is_tor": false, "is_proxy": false, "is_hosting": false, "is_bogon": false }, "reputation": { "web_spam": false, "web_attacks": false, "botnet": false, "email_spam": false, "brute_force": true, "details": "IP being used by web or sshd password guessing / brute force attempts.", "ddos": false }, "recommendations": { "block_traffic": true, "block_registrations": true, "block_comments": true, "details": "Likely malicious traffic from blacklisted IP addresses." } }