JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.174.165.3

172.174.165.3 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 74%: ?

74%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.174.165.3

Whois 172.174.165.3

IP Abuse Reports for 172.174.165.3:

This IP address has been reported a total of 36 times from 26 distinct sources. 172.174.165.3 was first reported on September 4th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 gu-alvareza	2026-06-08 07:05:07 (1 week ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇩🇪 Richie	2026-06-07 18:36:08 (1 week ago)	[HOST1] Port Scan detected	Port Scan
🇨🇦 Roper123	2026-06-07 18:31:42 (1 week ago)	Web exploits	Hacking Web App Attack
🇺🇸 MPL	2026-06-07 17:59:53 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-07 15:29:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 172.174.165.3 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.174.165.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:29:54.616507 2026] [security2:error] [pid 1593:tid 1593] [client 172.174.165.3:2245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.18"] [uri "/.git/config"] [unique_id "aiWOcgCTzJQLFgy-nn6XdwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 MaxMeier	2026-06-07 15:08:43 (1 week ago)	172.174.165.3 - - [07/Jun/2026:17:07:42 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Win ... show more 172.174.165.3 - - [07/Jun/2026:17:07:42 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 172.174.165.3 - - [07/Jun/2026:17:07:45 +0200] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 172.174.165.3 - - [07/Jun/2026:17:07:49 +0200] "GET /.env.production HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.174.165.3 - - [07/Jun/2026:17:07:51 +0200] "GET /.env.backup HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 172.174.165.3 - - [07/Jun/2026:17:07:52 +0200] "GET /.env.save HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 172.174.165.3 - - [07/Jun/2026:17:07:53 +0200] "GET /wp-config.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Mac ... show less	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-07 15:07:27 (1 week ago)	Too many 404 requests [BY]	Web App Attack
🇩🇪 filstal.org	2026-06-07 14:41:02 (1 week ago)	CrowdSec: crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 NeverBehave	2026-06-07 14:31:16 (1 week ago)	[fail2ban] service ocserv jail	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-07 13:49:21 (1 week ago)	Multiple WAF Violations	Web App Attack
🇵🇱 Wepted	2026-06-07 13:27:15 (1 week ago)	Port scan detected by honeypot	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-03 06:45:48 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇦🇹 René Hickersberger	2026-05-26 11:18:18 (2 weeks ago)	[2026-05-26T11:18:18Z] Malicious request to /config/.env	Hacking Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-26 10:49:14 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 mnsf	2026-05-26 10:05:07 (2 weeks ago)	Too many Status 40X (15) Scanning/Probing (11)	Brute-Force Web App Attack

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.32

🇳🇱 190.2.135.111

🇳🇱 185.242.226.8

🇨🇮 154.0.30.137

🇺🇸 20.163.16.165

🇩🇪 194.187.176.45

🇳🇱 176.65.139.140

🇻🇳 123.26.170.219

🇺🇸 107.150.105.241

🇺🇸 103.153.183.69

🇲🇦 80.250.47.1

🇫🇮 74.125.114.156

🇺🇸 66.132.172.146

🇩🇪 45.86.202.207

🇺🇸 34.54.78.238

🇫🇷 31.220.79.216

🇮🇳 27.123.111.114

🇭🇰 152.32.212.224

🇲🇾 49.124.151.32

🇧🇷 45.160.231.44