JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.235.117.101

74.235.117.101 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.235.117.101

Whois 74.235.117.101

IP Abuse Reports for 74.235.117.101:

This IP address has been reported a total of 35 times from 28 distinct sources. 74.235.117.101 was first reported on April 11th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Scan	2026-06-03 02:39:53 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-02 23:00:00 (1 day ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 22:15:53 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.235.117.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 74.235.117.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 18:15:47.214484 2026] [security2:error] [pid 29955:tid 29955] [client 74.235.117.101:12039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.207"] [uri "/.git/HEAD"] [unique_id "ah9WE0VBY3p_MiYGG-uNXQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 SeczarSecureOps	2026-06-02 21:57:31 (1 day ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (7 events in 10min) at 2026-06-02 21:57	Port Scan
🇩🇪 todix	2026-06-02 21:31:30 (1 day ago)	Web App Attack Exploid from 74.235.117.101	Web App Attack
Anonymous	2026-06-02 21:24:29 (1 day ago)	74.235.117.101 (US/United States/-), 5 distributed cpanel attacks on account [root] in the last 600 ... show more 74.235.117.101 (US/United States/-), 5 distributed cpanel attacks on account [root] in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: [2026-06-02 15:24:17 -0600] info [whostmgrd] 74.235.117.101 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:20:08 -0600] info [whostmgrd] 52.176.18.39 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:19:55 -0600] info [whostmgrd] 52.176.18.39 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:23:28 -0600] info [whostmgrd] 20.106.182.203 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:23:49 -0600] info [whostmgrd] 20.106.182.203 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect IP Addresses Blocked: show less	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-02 21:10:52 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-7)	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-02 21:06:28 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.235.117.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 74.235.117.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:06:25.478708 2026] [security2:error] [pid 20686:tid 20686] [client 74.235.117.101:11907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.219"] [uri "/.env.production"] [unique_id "ah9F0dngY5bu3rLvjE4WBwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SwinT	2026-06-02 21:00:03 (1 day ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇬🇧 PeravixGroup	2026-06-02 20:58:38 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 micropedro	2026-06-02 20:23:31 (1 day ago)	6 incidents: web scanning/attack, port scanning. Ports: 2082/TCP(1), 2083/TCP(1), 2086/TCP(1), 2087/ ... show more 6 incidents: web scanning/attack, port scanning. Ports: 2082/TCP(1), 2083/TCP(1), 2086/TCP(1), 2087/TCP(1), 8080/TCP(1). First: 2026-06-02 16:23, Last: 2026-06-02 16:23 UTC. Triggers: ufw-repeater,port-trap,non-public-port,recidive,firewall-tcp,firewall-http. show less	Port Scan Brute-Force Web App Attack
🇫🇷 GEDAL	2026-06-02 20:21:35 (1 day ago)	Fail2ban nginx-git @ <hostname> : 74.235.117.101 - - [02/Jun/2026:22:21:33 +0200] "GET /.git/config ... show more Fail2ban nginx-git @ <hostname> : 74.235.117.101 - - [02/Jun/2026:22:21:33 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Brute-Force SSH
🇦🇺 PetePK	2026-06-02 19:59:03 (1 day ago)	Probed 16 time(s): TCP/8080, TCP/2083, TCP/2082, TCP/2086, TCP/8443, TCP/443, TCP/2087, TCP/80	Port Scan
🇷🇴 abuse_IP_reporter	2026-06-02 19:45:22 (1 day ago)	Jun 2 22:38:31 server UFW BLOCK SRC=74.235.117.101 DF PROTO=TCP SPT=12288	Port Scan

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 151.33.254.25

🇵🇭 124.107.185.138

🇨🇳 117.50.213.145

🇰🇷 112.216.129.27

🇩🇿 105.97.162.60

🇩🇪 49.13.222.98

🇧🇷 45.177.210.193

🇳🇱 45.156.128.77

🇪🇹 196.189.245.128

🇧🇷 189.90.38.164

🇦🇱 185.226.89.235

🇺🇸 162.216.149.156

🇺🇸 162.216.149.60

🇯🇵 160.251.169.213

🇯🇵 156.227.232.91

🇭🇰 152.32.135.81

🇮🇳 122.187.227.152

🇰🇷 115.178.75.242

🇺🇸 104.243.46.222

🇧🇩 103.183.62.2