JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.173.123.148

52.173.123.148 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 86%: ?

86%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.173.123.148

Whois 52.173.123.148

IP Abuse Reports for 52.173.123.148:

This IP address has been reported a total of 31 times from 28 distinct sources. 52.173.123.148 was first reported on March 15th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 gu-alvareza	2026-06-11 07:05:08 (4 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (4 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 dynamix	2026-06-10 16:37:21 (4 days ago)	Multiple WAF Violations	Web App Attack
🇬🇧 Smish	2026-06-10 16:04:18 (4 days ago)	HONEYPOT HIT --> Fail2ban time=1781107456 log=2026-06-10T17:04:16+01:00 ip=52.173.123.148 host=89.39 ... show more HONEYPOT HIT --> Fail2ban time=1781107456 log=2026-06-10T17:04:16+01:00 ip=52.173.123.148 host=89.39.211.6 method=GET uri="/.git/HEAD" status=404 ua="Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" ref="-" rid=f072a2832ecce5aa7d9725554098f3c0 show less	Web App Attack
🇺🇸 RAP	2026-06-10 15:55:19 (4 days ago)	2026-06-10 15:55:19 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇵🇹 rncbc	2026-06-10 13:20:36 (4 days ago)	[Wed Jun 10 14:20:15.914334 2026] [authz_core:error] [pid 668714:tid 668714] [client 52.173.123.148: ... show more [Wed Jun 10 14:20:15.914334 2026] [authz_core:error] [pid 668714:tid 668714] [client 52.173.123.148:29839] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/.env.backup [Wed Jun 10 14:20:17.474796 2026] [authz_core:error] [pid 663459:tid 663459] [client 52.173.123.148:30538] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/.env.save [Wed Jun 10 14:20:35.602759 2026] [authz_core:error] [pid 668635:tid 668635] [client 52.173.123.148:31017] AH01630: client denied by server configuration: /srv/www/vhosts/rncbc/___proxy_subdomain_whm ... show less	Brute-Force Bad Web Bot Web App Attack SSH
🇩🇪 kivitendo.de	2026-06-10 12:57:47 (4 days ago)	[Wed Jun 10 14:57:53.713519 2026] [access_compat:error] [pid 217514:tid 217562] [client 52.173.123.1 ... show more [Wed Jun 10 14:57:53.713519 2026] [access_compat:error] [pid 217514:tid 217562] [client 52.173.123.148:31266] AH01797: client denied by server configuration: /var/www/kivitendo-erp-git/.git/HEAD [Wed Jun 10 14:57:54.456419 2026] [access_compat:error] [pid 217513:tid 217528] [client 52.173.123.148:30523] AH01797: client denied by server configuration: /var/www/kivitendo-erp-git/.git/config ... show less	Brute-Force Web App Attack
🇩🇪 iNetWorker	2026-06-02 10:20:41 (1 week ago)	firewall-block, port(s): 2086/tcp	Port Scan
Anonymous	2026-06-02 10:00:10 (1 week ago)	Automatic report - Vulnerability scan /.git/HEAD	Web App Attack
🇺🇸 MPL	2026-06-02 09:51:27 (1 week ago)	tcp port scan (5 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-02 09:38:59 (1 week ago)	2026-06-02 09:38:59 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 ISPLtd	2026-06-02 09:33:45 (1 week ago)	Jun 2 06:33:43 52.173.123.148 TCP SPT=42023 DPT=2087 SYN Jun 2 06:33:45 52.173.123.148 TCP SPT=420 ... show more Jun 2 06:33:43 52.173.123.148 TCP SPT=42023 DPT=2087 SYN Jun 2 06:33:45 52.173.123.148 TCP SPT=42041 DPT=2086 SYN Jun 2 06:33:45 52.173.123.148 TCP SPT=42022 DPT=8443 ... show less	Port Scan
🇫🇷 Hiigara	2026-06-02 08:01:00 (1 week ago)	connection attempt : 52.173.123.148 on port : tcp/8080 (HTTP-alt)	Port Scan
🇩🇪 KPS	2026-06-02 07:20:58 (1 week ago)	PortscanM	Port Scan
🇩🇪 kkeyser	2026-06-02 06:23:42 (1 week ago)	GET /.env HTTP/1.1	Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.122.177.140

🇵🇭 136.158.70.23

🇦🇹 91.133.65.137

🇳🇱 85.11.167.118

🇹🇷 78.163.105.180

🇺🇸 65.49.20.126

🇺🇸 198.98.56.227

🇬🇧 193.163.125.92

🇻🇳 171.231.179.119

🇻🇳 152.32.162.142

🇺🇸 91.230.168.40

🇫🇷 85.217.140.42

🇩🇪 36.255.97.27

🇺🇸 20.186.232.154

🇷🇸 212.200.75.31

🇸🇬 206.189.158.17

🇨🇳 180.106.83.59

🇳🇱 178.16.55.50

🇩🇪 167.94.146.63

🇦🇹 152.53.0.56