JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 72.14.147.191

72.14.147.191 was found in our database!

This IP was reported 170 times. Confidence of Abuse is 100%: ?

100%

ISP	Lucid Growth LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	lucidgrowth.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 72.14.147.191

Whois 72.14.147.191

IP Abuse Reports for 72.14.147.191:

This IP address has been reported a total of 170 times from 124 distinct sources. 72.14.147.191 was first reported on May 23rd 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 ivanbiagi7	2026-06-01 01:04:36 (2 days ago)	(localhost/crowdsec) crowdsecurity/http-sensitive-files by ip 72.14.147.191 (US/834) : 4h ban on Ip ... show more (localhost/crowdsec) crowdsecurity/http-sensitive-files by ip 72.14.147.191 (US/834) : 4h ban on Ip 72.14.147.191 show less	Web App Attack
🇬🇧 andypiper	2026-06-01 01:02:12 (2 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 on-com	2026-06-01 00:57:07 (2 days ago)	URL scan	Brute-Force Web App Attack
🇳🇴 Bots.go.to.hell	2026-06-01 00:45:58 (2 days ago)	This IP was detected by CrowdSec triggering custom/http-bad-crawler-ban	Web App Attack Bad Web Bot
🇷🇴 INTEQ	2026-06-01 00:42:09 (2 days ago)	Web attack from 72.14.147.191	Web App Attack
🇩🇪 updown.io	2026-06-01 00:12:11 (2 days ago)	{"level":"info","ts":1780269728.3080916,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1780269728.3080916,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"72.14.147.191","remote_port":"40520","client_ip":"72.14.147.191","proto":"HTTP/1.1","method":"GET","host":"stats.coolamazingwebsite.com","uri":"/","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8"],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip"],"User-Agent":["Mozilla/5.0 (iPhone; CPU iPhone OS 17_6_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Mobile/15E148 Safari/604.1"],"Accept-Language":["en-US,en;q=0.9"],"Sec-Fetch-Dest":["document"],"Sec-Fetch-Site":["none"]}},"bytes_read":0,"user_id":"","duration":0.000077117,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://stats.coolamazingwebsite.com/"],"Content-Type":[]}} {"level":"info","ts":1780272627.5575588,"logger":"http ... show less	DDoS Attack Web App Attack
🇺🇸 apislytics	2026-06-01 00:11:52 (2 days ago)	Automatic hard ban after repeated rate-limit abuse	Brute-Force
🇺🇸 infra-monitor	2026-06-01 00:00:15 (2 days ago)	Automated ban via infra-monitor: mgmt-path-probe, suspicious-probe	Port Scan Web App Attack
🇷🇺 genokrad	2026-05-31 23:54:08 (2 days ago)	Website scan TCP 80/443 "/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537."	Port Scan Web App Attack
🇺🇸 Power Ca	2026-05-31 23:40:09 (2 days ago)	72.14.147.191 - - [31/May/2026:23:40:09 +0000] "GET /application.properties HTTP/2.0" 404 66 "http:/ ... show more 72.14.147.191 - - [31/May/2026:23:40:09 +0000] "GET /application.properties HTTP/2.0" 404 66 "http://stats.leaderscartel.com/application.properties" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Web App Attack Hacking
🇩🇪 MusicLibrary	2026-05-31 23:27:14 (2 days ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇩🇪 bluematrix	2026-05-31 23:05:38 (2 days ago)	crowdsecurity/appsec-native - Ip 72.14.147.191 performed 'crowdsecurity/appsec-native' (4 events ove ... show more crowdsecurity/appsec-native - Ip 72.14.147.191 performed 'crowdsecurity/appsec-native' (4 events over 7.825569651s) at 2026-05-31 23:05:46.789520579 +0000 UTC show less	Port Scan Hacking Brute-Force Web App Attack
🇩🇪 igerman	2026-05-31 23:04:41 (2 days ago)	caddy probes: cloud-creds: GET /.aws/credentials(DROP) \| env-probe: GET /.env(DROP), GET /.env.backu ... show more caddy probes: cloud-creds: GET /.aws/credentials(DROP) \| env-probe: GET /.env(DROP), GET /.env.backup(DROP), GET /.env.bak(DROP), GET /.env.development(DROP), GET /.env.example(DROP), GET /.env.local(DROP), GET /.env.old(DROP), GET /.env.production(DROP), GET /.env.staging(DROP), GET /.env.test(DROP), GET /api/.env(DROP), GET /backend/.env(DROP), GET /config.env(DROP), GET /public/.env(DROP), GET /vault.env(DROP) \| git-repo: GET /.git/config(DROP) \| web: GET /.ssh/id_rsa(DROP), GET /application.properties(DROP), GET /application.yml(DROP), GET /config/application.properties(DROP), GET /config/secrets.yml(DROP), GET /secrets.json(DROP), GET /secrets.yml(DROP), GET /storage/logs/laravel.log(DROP) show less	Web App Attack
🇺🇸 kosada.com	2026-05-31 22:35:26 (2 days ago)	Web vulnerability probing: /application.yml	Web App Attack
🇦🇺 2000cn.com.au	2026-05-31 22:31:58 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking

Showing 31 to 45 of 170 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.189.230.61

🇩🇪 185.201.161.142

🇮🇶 185.56.194.80

🇺🇸 167.99.234.27

🇰🇷 115.68.208.117

🇨🇦 104.207.49.124

🇨🇦 104.207.48.91

🇺🇸 104.131.116.82

🇳🇱 93.123.109.10

🇨🇦 85.217.149.33

🇺🇸 52.33.112.111

🇳🇱 45.148.10.157

🇰🇷 43.203.221.108

🇺🇸 34.219.184.129

🇺🇸 18.220.216.202

🇺🇸 18.219.164.52

🇧🇷 15.229.159.164

🇸🇬 13.215.254.156

🇩🇪 3.121.100.9

🇨🇭 209.99.189.174