JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.70.42.74

172.70.42.74 was found in our database!

This IP was reported 91 times. Confidence of Abuse is 0%: ?

ISP	Cloudflare, Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 172.70.42.74 is an IP address from within our whitelist belonging to the subnet 172.64.0.0/13, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 172.70.42.74

Whois 172.70.42.74

IP Abuse Reports for 172.70.42.74:

This IP address has been reported a total of 91 times from 26 distinct sources. 172.70.42.74 was first reported on August 3rd 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-15 08:05:12 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:05:02.958146 2026] [security2:error] [pid 22819:tid 22819] [client 172.70.42.74:11947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backlogica.com"] [uri "/.env.backup"] [unique_id "agbTrts7eIQmA6THF72cTAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-21 22:05:58 (1 month ago)	Auto-ban: >3000 req/min op 2026-04-21	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-04-02 23:41:03 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 19:40:57.907564 2026] [security2:error] [pid 12125:tid 12125] [client 172.70.42.74:13336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rosecityexpress.com"] [uri "/web/.env"] [unique_id "ac7-iWuIhZ-msJeM-BlyRwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 21:56:54 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 17:56:46.325357 2026] [security2:error] [pid 10140:tid 10160] [client 172.70.42.74:13044] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.philacentric.com"] [uri "/.env.local.backup"] [unique_id "ac7mHqV7WorBhzpLI9xcbAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-02 06:18:04 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 02:17:55.353937 2026] [security2:error] [pid 27311:tid 27311] [client 172.70.42.74:13601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aden.us"] [uri "/.env.dev"] [unique_id "ac4KE2Ppwk0hgfEo1nek3wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 00:23:54 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 20:23:45.239560 2026] [security2:error] [pid 22227:tid 22227] [client 172.70.42.74:11253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kylight.net"] [uri "/.env_backup"] [unique_id "acxlkeDs_zsaPUlk8AAlPgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 11:53:00 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 07:52:54.597794 2026] [security2:error] [pid 9453:tid 9464] [client 172.70.42.74:13994] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.woofnrose.com"] [uri "/.env2"] [unique_id "acu1lky1u584rK48ZZKr8AAAAIc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 11:11:36 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 07:11:32.296706 2026] [security2:error] [pid 18926:tid 18926] [client 172.70.42.74:10035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.esad.com"] [uri "/.env.json"] [unique_id "acur5EQtuJErkcwpWb_wswAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 10:43:41 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 06:43:22.423125 2026] [security2:error] [pid 21564:tid 21564] [client 172.70.42.74:13119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lunarinfrastructure.com"] [uri "/var/www/html/.env"] [unique_id "aculShgyM4bjOKOo6Y-SnQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 10:24:49 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 06:24:44.317175 2026] [security2:error] [pid 5260:tid 5260] [client 172.70.42.74:9998] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.goldandsilveratspot.mroxygen.org"] [uri "/.env.dev"] [unique_id "acug7KGtLDQm0-x9nXKYnAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 06:38:25 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 02:38:14.141991 2026] [security2:error] [pid 25244:tid 25323] [client 172.70.42.74:9366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.stridemechanics.com"] [uri "/site/.env"] [unique_id "actr1vzxlQiUwoDmTXDpEQAAAcw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 06:15:28 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 02:15:00.906824 2026] [security2:error] [pid 16941:tid 16941] [client 172.70.42.74:12350] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4tee2stock.fynyx.com"] [uri "/.env.local"] [unique_id "actmZGXsjMOGfWproTK-6AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 05:57:13 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 01:57:08.824860 2026] [security2:error] [pid 3969:tid 3969] [client 172.70.42.74:12964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.evelia.com"] [uri "/public/.env"] [unique_id "actiNPmlyyOycPh7wCocHQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 www.mammazone.it	2026-03-05 12:00:01 (3 months ago)	fabiodirauso.it:443 172.70.42.74 - - [05/Mar/2026:12:59:55 +0100] "GET /fabiodirauso.it.bak HTTP/1.1 ... show more fabiodirauso.it:443 172.70.42.74 - - [05/Mar/2026:12:59:55 +0100] "GET /fabiodirauso.it.bak HTTP/1.1" 206 4729 "-" "Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36" fabiodirauso.it:443 172.70.42.74 - - [05/Mar/2026:12:59:59 +0100] "GET /fabiodirauso.it_db.bak HTTP/1.1" 206 915 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36" ... show less	Hacking
🇺🇸 MirrorImageGaming	2026-02-08 22:34:09 (4 months ago)	HTTP probe(s) @ TCP 80 US	Port Scan

Showing 1 to 15 of 91 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.165.85.39

🇨🇳 182.138.158.136

🇺🇸 162.216.150.249

🇨🇳 120.36.16.240

🇮🇩 117.102.86.226

🇫🇷 85.217.140.41

🇬🇧 82.17.55.220

🇳🇱 78.142.18.172

🇰🇪 41.89.227.164

🇹🇼 35.234.39.103

🇨🇦 20.220.10.205

🇨🇳 220.250.10.11

🇸🇬 212.73.148.40

🇦🇺 202.62.129.18

🇹🇼 198.235.24.66

🇬🇧 193.163.125.165

🇺🇸 172.202.118.46

🇺🇸 172.191.239.155

🇩🇪 151.243.11.37

🇺🇸 95.164.233.136