JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.235.142.17

74.235.142.17 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 62%: ?

62%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.235.142.17

Whois 74.235.142.17

IP Abuse Reports for 74.235.142.17:

This IP address has been reported a total of 31 times from 24 distinct sources. 74.235.142.17 was first reported on April 7th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 gtheo99	2026-06-19 03:47:14 (1 day ago)	74.235.142.17 (US/United States/-), 3 distributed cpanel attacks on account [root] in the last 900 s ... show more 74.235.142.17 (US/United States/-), 3 distributed cpanel attacks on account [root] in the last 900 secs show less	SSH Brute-Force Hacking
🇮🇱 spd.co.il	2026-06-16 10:02:05 (3 days ago)	Web application attack detected	Hacking Web App Attack
Anonymous	2026-06-15 00:33:06 (5 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-06-14 16:19:49 (5 days ago)	tcp port scan (10 or more attempts)	Port Scan
🇺🇸 Axel	2026-06-14 13:38:59 (5 days ago)	Blocked by UFW on MVI [2096/tcp] \| SPT: 19334 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2096/tcp] \| SPT: 19334 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-14 13:29:23 (5 days ago)	tcp port scan (18 or more attempts)	Port Scan
🇩🇪 acadeova	2026-06-14 13:17:55 (5 days ago)	🚨 Recon detected (nft drop) SRC=74.235.142.17 Observed=TCP dpt=2095 in=enp0s6 ttl=47 Time=recent(jou ... show more 🚨 Recon detected (nft drop) SRC=74.235.142.17 Observed=TCP dpt=2095 in=enp0s6 ttl=47 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-14 13:11:02 (5 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2095 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2095 [1] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-14 12:37:23 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 74.235.142.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 74.235.142.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:37:18.602509 2026] [security2:error] [pid 26675:tid 26687] [client 74.235.142.17:20393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.81"] [uri "/.git/HEAD"] [unique_id "ai6gfvS55JoBfgKL7MdusgAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-14 11:55:19 (5 days ago)	. Matched phrase "/.git/" at REQUEST_URI. (210492-143)	Web App Attack
🇺🇸 xmission.com	2026-05-30 19:58:39 (2 weeks ago)	Blocked by UFW (TCP on 8333) Source port: 34824 TTL: 47 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8333) Source port: 34824 TTL: 47 Packet length: 60 TOS: 0x00 This report (for 74.235.142.17) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-20 07:08:24 (4 weeks ago)	(PERMBLOCK) 74.235.142.17 (US/United States/-) has had more than 4 temp blocks in the last 86400 sec ... show more (PERMBLOCK) 74.235.142.17 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
Anonymous	2026-05-20 05:52:20 (4 weeks ago)	(caddyscan) Scanner path probe from 74.235.142.17 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 74.235.142.17 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:52:19 +0000] "GET /config/.env.example HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:52:19 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:52:19 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:52:19 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:52:19 +0000] "GET /.env HTTP/1.1" show less	Port Scan
Anonymous	2026-05-20 05:18:37 (4 weeks ago)	(caddyscan) Scanner path probe from 74.235.142.17 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 74.235.142.17 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:18:34 +0000] "GET /config/.env.example HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:18:34 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:18:34 +0000] "GET /config/.env.example HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:18:34 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:05:18:34 +0000] "GET /.git/config HTTP/1.1" show less	Port Scan
Anonymous	2026-05-20 04:45:12 (1 month ago)	(caddyscan) Scanner path probe from 74.235.142.17 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 74.235.142.17 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:04:45:12 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:04:45:12 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:04:45:12 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:04:45:12 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 74.235.142.17 - - [20/May/2026:04:45:12 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" show less	Port Scan

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇮🇳 157.20.228.141

🇻🇳 103.218.122.50

🇳🇱 91.92.40.50

🇳🇱 89.21.67.182

🇺🇸 66.132.172.240

🇱🇹 45.227.254.170

🇬🇧 35.203.211.134

🇨🇳 220.177.133.191

🇺🇸 216.25.89.143

🇺🇸 192.241.141.178

🇲🇽 187.155.174.238

🇳🇱 185.246.188.73

🇺🇸 172.236.111.197

🇩🇪 141.11.243.121

🇺🇸 134.122.21.135

🇺🇸 52.242.128.238

🇨🇳 49.86.115.203

🇺🇸 45.79.181.179

🇺🇸 45.79.128.205