AbuseIPDB » 172.207.80.119

172.207.80.119 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 98%: ?

98%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 172.207.80.119

Whois 172.207.80.119

IP Abuse Reports for 172.207.80.119:

This IP address has been reported a total of 80 times from 55 distinct sources. 172.207.80.119 was first reported on June 13th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
sverson	2025-07-02 13:23:10 (2 weeks ago)	Automated report / Wordpress Attack Attempt	Hacking Web App Attack
Anonymous	2025-07-02 05:11:19 (2 weeks ago)	172.207.80.119 - - [02/Jul/2025:05:11:19 +0000] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (X11; ... show more172.207.80.119 - - [02/Jul/2025:05:11:19 +0000] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Bad Web Bot Web App Attack
FeG Deutschland	2025-07-02 04:08:44 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
Didier Lagaert	2025-07-01 22:41:48 (2 weeks ago)	lie-17 : Block hidden directories=>/.env(/)	Hacking
dot.mg	2025-06-23 10:43:44 (3 weeks ago)	"Triggered androxgh0st spam keyword"	Web Spam Blog Spam
Anonymous	2025-06-20 23:00:03 (4 weeks ago)	scanning for sensitive files: /.env	Web App Attack
conseilgouz	2025-06-20 12:22:13 (4 weeks ago)	mae-17 : Block hidden directories=>/.env(/)	Hacking
Anonymous	2025-06-20 11:57:50 (4 weeks ago)	172.207.80.119 - - [20/Jun/2025:11:57:49 +0000] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (Linux ... show more172.207.80.119 - - [20/Jun/2025:11:57:49 +0000] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" ... show less	Bad Web Bot Web App Attack
myintarweb	2025-06-20 09:27:40 (4 weeks ago)	172.207.80.119 - - [20/Jun/2025:10:27:39 +0100] 80 "GET /.env HTTP/1.1" 410 1565 "-" "Mozilla/5.0 (L ... show more172.207.80.119 - - [20/Jun/2025:10:27:39 +0100] 80 "GET /.env HTTP/1.1" 410 1565 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" ... show less	Hacking Bad Web Bot Web App Attack
TPI-Abuse	2025-06-20 09:12:22 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.207.80.119 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:210492) triggered by 172.207.80.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 20 05:12:17.867600 2025] [security2:error] [pid 2840192:tid 2840192] [client 172.207.80.119:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.eddysgroup.com"] [uri "/.env"] [unique_id "aFUl8a92cnJw1ycCGknblwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
weblite	2025-06-20 07:16:01 (4 weeks ago)	WP_EXPLOIT_PROBE WP_MALWARE_PROBE	Hacking Web App Attack
Roderic	2025-06-20 06:48:25 (4 weeks ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted])	Port Scan
enpepet	2025-06-20 06:29:09 (4 weeks ago)	GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT ... show moreGENERAL: parametres: [url:env=] UA:Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 URL:/.env show less	Port Scan Hacking Brute-Force Bad Web Bot
Quarks Solutions	2025-06-20 06:28:24 (4 weeks ago)	crowdsecurity/CVE-2017-9841	Web App Attack
taivas.nl	2025-06-20 04:32:18 (4 weeks ago)	Many_bad_calls	Web App Attack

Showing 1 to 15 of 80 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

196.251.69.4

45.88.186.202

172.190.89.127

213.207.240.54

206.168.34.205

173.252.87.134

103.139.192.103

180.149.232.202

125.139.2.158

162.216.150.246

190.92.174.33

162.216.149.87

212.164.161.6

66.132.153.25

179.43.189.98

221.120.162.86

172.253.233.23

202.70.147.114

60.173.110.253

152.53.133.58