JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.174.166.198

172.174.166.198 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 59%: ?

59%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.174.166.198

Whois 172.174.166.198

IP Abuse Reports for 172.174.166.198:

This IP address has been reported a total of 11 times from 10 distinct sources. 172.174.166.198 was first reported on April 21st 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-02 13:42:52 (5 days ago)	Blocked by UFW on PL02 [443/tcp] \| SPT: 29260 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on PL02 [443/tcp] \| SPT: 29260 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇬🇧 PeravixGroup	2026-06-02 12:59:24 (5 days ago)	Honeypot detection: Web application exploitation attempt (CMS/plugin probe) on port 8080. Severity: ... show more Honeypot detection: Web application exploitation attempt (CMS/plugin probe) on port 8080. Severity: MEDIUM. Aaran.cloud show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:55:08 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.174.166.198 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.174.166.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:55:00.757305 2026] [security2:error] [pid 2490:tid 2490] [client 172.174.166.198:29452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.206"] [uri "/.git/HEAD"] [unique_id "ah7ElF8JcttB74sAmnA0twAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 11:33:33 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 172.174.166.198 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.174.166.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:33:26.926501 2026] [security2:error] [pid 23835:tid 23835] [client 172.174.166.198:29441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.227"] [uri "/.git/HEAD"] [unique_id "ah6_hoa7JzHQ1JE91IEnrwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 Threat.live	2026-06-02 11:30:04 (5 days ago)	Suspicious Connection Attempts	Brute-Force
Anonymous	2026-06-02 10:30:26 (5 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 Admins@FBN	2026-06-02 09:43:30 (5 days ago)	FW-PortScan: Traffic Blocked srcport=29443 dstport=8443	Port Scan
🇺🇸 xmission.com	2026-06-02 09:32:31 (5 days ago)	Blocked by UFW (TCP on 2083) Source port: 29443 TTL: 48 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2083) Source port: 29443 TTL: 48 Packet length: 60 TOS: 0x00 This report (for 172.174.166.198) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 Some Body	2026-06-02 08:53:41 (5 days ago)	Aggressive web scan	Brute-Force Web App Attack
🇺🇸 antlac1	2026-06-02 07:56:15 (5 days ago)	crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇺🇸 DiodeDave	2026-04-21 21:14:13 (1 month ago)	Attempted access after blacklisting	Email Spam

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.156.73.233

🇩🇪 178.105.163.37

🇳🇱 176.65.149.236

🇮🇩 69.5.7.218

🇸🇬 47.84.206.49

🇸🇬 47.79.214.162

🇺🇸 24.187.213.29

🇷🇺 217.25.231.150

192.168.50.66

🇬🇧 185.216.145.186

🇩🇪 178.16.52.44

🇺🇸 156.232.13.161

🇺🇸 136.117.83.82

🇨🇳 117.29.104.94

🇺🇸 47.85.8.171

🇳🇱 45.148.10.141

🇹🇿 41.59.117.118

🇩🇪 35.198.191.133

🇬🇧 2.58.172.222

🇲🇽 186.96.145.241