JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.235.126.80

74.235.126.80 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 79%: ?

79%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.235.126.80

Whois 74.235.126.80

IP Abuse Reports for 74.235.126.80:

This IP address has been reported a total of 18 times from 16 distinct sources. 74.235.126.80 was first reported on September 10th 2025, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (12 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-07 21:51:24 (13 hours ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
Anonymous	2026-06-07 14:46:54 (20 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-06-07 08:27:15 (1 day ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 ( ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 08:22:08 (1 day ago)	(mod_security) mod_security (id:949110) triggered by 74.235.126.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:949110) triggered by 74.235.126.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 04:22:03.246938 2026] [security2:error] [pid 1126:tid 1126] [client 74.235.126.80:33199] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "192.64.150.239"] [uri "/.git/HEAD"] [unique_id "aiUqK-pmG1SaOpXGfI7vXwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 07:28:49 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.235.126.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 74.235.126.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 03:28:46.069413 2026] [security2:error] [pid 9532:tid 9532] [client 74.235.126.80:34640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.188"] [uri "/.git/HEAD"] [unique_id "aiUdrh4_E9XGUIRAtwnEGgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 mondor.ro	2026-06-07 06:04:10 (1 day ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 74.235.126.80, Reason: ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 74.235.126.80, Reason:[(mod_security) mod_security (id:210492) triggered by 74.235.126.80 (US/United States/-): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less	Port Scan
🇺🇸 RAP	2026-06-07 05:55:26 (1 day ago)	2026-06-07 05:55:26 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 zwebvigil	2026-06-07 04:10:56 (1 day ago)	74.235.126.80 [06/Jun/2026:21:10:51 -0700] "GET /.git/HEAD HTTP/1.1" 401 381 "-" port=33849 "Mozill ... show more 74.235.126.80 [06/Jun/2026:21:10:51 -0700] "GET /.git/HEAD HTTP/1.1" 401 381 "-" port=33849 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 471 74.235.126.80 [06/Jun/2026:21:10:52 -0700] "GET /.git/config HTTP/1.1" 401 381 "-" port=33379 "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 264 74.235.126.80 [06/Jun/2026:21:10:52 -0700] "GET /.env HTTP/1.1" 401 381 "-" port=33848 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" "-" "-" "<ipaddr>" 535 74.235.126.80 [06/Jun/2026:21:10:54 -0700] "GET /.env.local HTTP/1.1" 401 381 "-" port=33833 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 334 74.235.126.80 [06/Jun/2026:21:10:55 -0700] "GET /.env.production HTTP/1.1" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 04:10:07 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.235.126.80 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 74.235.126.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:09:59.949753 2026] [security2:error] [pid 21733:tid 21733] [client 74.235.126.80:34534] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.78"] [uri "/.git/HEAD"] [unique_id "aiTvF0tWriT_s_zFCbNy1wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 04:10:03 (1 day ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇦🇹 centurion	2026-06-07 03:49:35 (1 day ago)	Unauthorized attempt on git [2087/tcp] Source port: 34473 TTL: 43 Packet length: 60 TOS: 0x00 https: ... show more Unauthorized attempt on git [2087/tcp] Source port: 34473 TTL: 43 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-07 03:13:07 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇯🇵 SentinalX by uzumaru	2026-06-05 03:57:41 (3 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: ptlogin.4399.com:443 show less	Open Proxy Port Scan
🇺🇸 xmission.com	2026-05-26 05:08:56 (1 week ago)	Blocked by UFW (TCP on 80) Source port: 18442 TTL: 112 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 18442 TTL: 112 Packet length: 40 TOS: 0x00 This report (for 74.235.126.80) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 117.34.85.169

🇺🇸 107.175.156.157

🇳🇱 91.92.42.34

🇺🇸 74.208.4.196

🇬🇧 37.44.218.234

🇺🇸 34.63.239.17

🇺🇸 2607:f8b0:4001:c20::121

🇮🇳 223.181.108.174

🇨🇳 218.28.78.67

🇧🇴 181.188.148.74

🇮🇳 125.23.155.110

🇨🇳 112.132.158.133

🇭🇰 74.125.179.156

🇺🇸 35.188.194.220

🇺🇸 23.104.75.66

🇺🇸 172.203.134.70

🇩🇪 167.94.146.70

🇵🇰 119.155.129.138

🇺🇸 67.207.94.208

🇱🇺 64.89.161.184