JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 1.94.17.74

1.94.17.74 was found in our database!

This IP was reported 428 times. Confidence of Abuse is 100%: ?

100%

ISP	Beijing Teletron Telecom Engineering Co., Ltd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS55990
Domain Name	drpeng.com.cn
Country	🇨🇳 China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 1.94.17.74

Whois 1.94.17.74

IP Abuse Reports for 1.94.17.74:

This IP address has been reported a total of 428 times from 199 distinct sources. 1.94.17.74 was first reported on August 1st 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-06-13 05:59:38 (2 days ago)	Unauthorized web scan.	Web App Attack
🇸🇮 administrator	2026-06-10 22:10:24 (4 days ago)	2026-06-09 00:07:24,525 fail2ban.actions [1104]: NOTICE [error-bots] Ban 1.94.17.74 2026-06- ... show more 2026-06-09 00:07:24,525 fail2ban.actions [1104]: NOTICE [error-bots] Ban 1.94.17.74 2026-06-10 00:06:54,842 fail2ban.actions [1080]: NOTICE [apache-badbots] Ban 1.94.17.74 2026-06-10 00:08:08,443 fail2ban.actions [1080]: NOTICE [error-bots] Ban 1.94.17.74 2026-06-09 00:07:24,525 fail2ban.actions [1104]: NOTICE [error-bots] Ban 1.94.17.74 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇿🇦 agentics	2026-06-10 02:55:09 (5 days ago)	1.94.17.74 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale ind ... show more 1.94.17.74 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale industrial operation attempting unrelenting brute-force login attempts for months on end - between all CIDR ranges in the botnet, our servers receive over 800 authentication attempts per minute on smtp, imap and relative mail ports, as well as ssh, and other protocols. IP INFO: - IP 1.94.17.74 - Anycast false - City N/A - Region N/A - Region Code N/A - Country N/A (N/A) - Continent N/A (N/A) - Range N/A - Provider N/A - Organisation N/A - Proxy N/A - Type N/A show less	Brute-Force SSH
🇿🇦 agentics	2026-06-10 02:41:08 (5 days ago)	1.94.17.74 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale ind ... show more 1.94.17.74 is one of many (potentially hijacked) hosts in a botnet. This attack is a large scale industrial operation attempting unrelenting brute-force login attempts for months on end - between all CIDR ranges in the botnet, our servers receive over 800 authentication attempts per minute on smtp, imap and relative mail ports, as well as ssh, and other protocols. IP INFO: - IP 1.94.17.74 - Anycast false - City Shanghai - Region Shanghai - Region Code SH - Country China (CN) - Continent Asia (AS) - Range 1.94.17.0/18 - Provider Huawei Cloud Service data center - Organisation Huawei Cloud Service - Proxy yes - Type Compromised Server show less	Brute-Force SSH
🇦🇹 urnilxfgbez	2026-06-09 22:45:00 (5 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 sargetun	2026-06-09 19:40:27 (5 days ago)	Honeypot: Auto-ban: 24 hour idle after honeypot interaction. Auto-reported from VPS honeypot.	Brute-Force SSH Hacking
🇺🇸 MPL	2026-06-09 09:42:39 (5 days ago)	tcp/22 (4 or more attempts)	Port Scan
Anonymous	2026-06-09 08:58:30 (5 days ago)	2026-06-09T09:58:29.866170+01:00 vps kernel: [42735671.460748] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-09T09:58:29.866170+01:00 vps kernel: [42735671.460748] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=1.94.17.74 DST=54.37.14.118 LEN=40 TOS=0x00 PREC=0x00 TTL=39 ID=46373 PROTO=TCP SPT=56653 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇺🇸 MPL	2026-06-09 08:37:51 (5 days ago)	tcp/22 (2 or more attempts)	Port Scan
Anonymous	2026-06-09 08:25:26 (5 days ago)	Unauthorized connection	Port Scan Hacking
🇺🇸 ShadowWhisperer	2026-06-09 07:51:56 (5 days ago)	botnet node [infected]	Brute-Force IoT Targeted Hacking Exploited Host
🇺🇸 RAP	2026-06-09 07:48:14 (5 days ago)	2026-06-09 07:48:14 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇫🇮 habs	2026-06-09 06:53:35 (5 days ago)	1.94.17.74 - - [09/Jun/2026:09:53:34 +0300] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/. ... show more 1.94.17.74 - - [09/Jun/2026:09:53:34 +0300] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇩🇪 Admins@FBN	2026-06-09 06:27:40 (5 days ago)	FW-PortScan: Traffic Blocked srcport=44913 dstport=22	Port Scan Hacking SSH
🇧🇷 SOC PR	2026-06-09 05:33:56 (6 days ago)	IPS: Apache HTTP Server Directory Traversal.	Web App Attack

Showing 1 to 15 of 428 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.46.13.63

🇳🇱 204.76.203.81

🇭🇰 199.45.154.146

🇧🇪 198.235.24.129

🇮🇷 185.231.181.16

🇨🇳 171.114.227.17

🇺🇸 137.184.149.253

🇨🇳 112.126.62.31

🇷🇺 95.165.25.233

🇩🇪 47.245.143.56

🇺🇸 209.50.167.12

🇰🇿 185.97.113.40

🇮🇹 172.253.228.149

🇸🇬 152.42.228.153

🇭🇰 103.231.14.54

🇮🇩 103.191.14.210

🇭🇰 103.112.173.87

🇲🇾 103.18.0.18

🇸🇪 83.233.149.204

🇷🇺 77.232.137.205