JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.174.110.130

172.174.110.130 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 70%: ?

70%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.174.110.130

Whois 172.174.110.130

IP Abuse Reports for 172.174.110.130:

This IP address has been reported a total of 24 times from 19 distinct sources. 172.174.110.130 was first reported on June 1st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 KPS	2026-06-27 12:14:48 (1 day ago)	PortscanM	Port Scan
🇺🇸 MPL	2026-06-26 18:48:30 (1 day ago)	tcp port scan (8 or more attempts)	Port Scan
🇧🇷 maviei	2026-06-26 18:37:37 (1 day ago)	2026-06-26T15:37:36.285391-03:00 srv1251771 kernel: [2265883.128747] [UFW BLOCK] IN=eth0 OUT= MAC=40 ... show more 2026-06-26T15:37:36.285391-03:00 srv1251771 kernel: [2265883.128747] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.174.110.130 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=61624 DF PROTO=TCP SPT=58056 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-26T15:37:36.286322-03:00 srv1251771 kernel: [2265883.129690] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.174.110.130 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=9064 DF PROTO=TCP SPT=58056 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-26T15:37:36.287323-03:00 srv1251771 kernel: [2265883.130701] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.174.110.130 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=47484 DF PROTO=TCP SPT=58066 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-06-26 17:14:56 (1 day ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇺🇸 xmission.com	2026-06-26 17:10:24 (1 day ago)	Blocked by UFW (TCP on 8080) Source port: 58122 TTL: 47 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8080) Source port: 58122 TTL: 47 Packet length: 60 TOS: 0x00 This report (for 172.174.110.130) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 Vincent Falzon	2026-06-26 13:54:08 (1 day ago)	SSH brute-force / unauthorized login attempts observed against sovereign infrastructure. Hits: 3. Co ... show more SSH brute-force / unauthorized login attempts observed against sovereign infrastructure. Hits: 3. Confidence: 75. Recent sample: 2026-06-26T13:53:04.788Z: 2026-06-26T13:52:49.845Z: 2026-06-26T13:52:39.681Z: show less	Brute-Force SSH
🇩🇪 ghostwarriors	2026-06-16 10:51:00 (1 week ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tecnicorioja	2026-06-06 22:01:36 (3 weeks ago)	(Mod_security)	Web App Attack Brute-Force Bad Web Bot
🇩🇪 Hans Wurst	2026-06-06 16:00:01 (3 weeks ago)	Many 404-Error: Suspicion of URL-Fuzzing/Bot-Scan.	Web App Attack
🇩🇪 ghostwarriors	2026-06-06 13:50:24 (3 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC PR	2026-06-02 08:39:29 (3 weeks ago)	IPS: Sensitive Configuration File Disclosure.	Hacking
🇹🇷 Threat.live	2026-06-02 08:30:07 (3 weeks ago)	Threat.live: Web Scan	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 07:45:29 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.174.110.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.174.110.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 03:45:21.739102 2026] [security2:error] [pid 7662:tid 7662] [client 172.174.110.130:9933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.92"] [uri "/.git/config"] [unique_id "ah6KEeLZv5MiGgZEEDM8aAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ByeByte API	2026-06-02 07:30:21 (3 weeks ago)	Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 2086. Single burst at 202 ... show more Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 2086. Single burst at 2026-06-02 07:30 UTC. show less	Port Scan
🇺🇸 MPL	2026-06-02 07:25:13 (3 weeks ago)	tcp/8443 (2 or more attempts)	Port Scan

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 190.221.50.123

🇬🇭 41.204.63.118

🇬🇧 35.203.211.148

🇳🇱 192.42.116.42

🇺🇸 165.22.184.50

🇺🇸 67.188.47.2

🇳🇱 45.148.10.147

🇳🇱 45.148.10.121

🇺🇸 34.26.11.81

🇷🇴 2.57.121.112

🇩🇪 213.209.159.242

🇺🇸 159.223.99.101

🇺🇸 144.126.209.169

🇦🇪 139.185.55.154

🇨🇳 106.75.164.40

🇷🇺 95.73.30.39

🇳🇱 91.92.40.46

🇷🇴 80.94.92.156

🇧🇪 34.38.203.79

🇦🇷 200.114.201.115