JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.235.143.211

74.235.143.211 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.235.143.211

Whois 74.235.143.211

IP Abuse Reports for 74.235.143.211:

This IP address has been reported a total of 19 times from 17 distinct sources. 74.235.143.211 was first reported on May 24th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 22:30:18 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 74.235.143.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 74.235.143.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 18:30:14.835209 2026] [security2:error] [pid 17205:tid 17205] [client 74.235.143.211:37346] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.51"] [uri "/.env"] [unique_id "ah9ZdiRvy4ZdQZ0Sh2ewsgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Zydzy	2026-06-02 22:01:11 (1 week ago)	Automated attack detected. Server: 95.140.154.181. Jail: nginx-exploit.	Web App Attack
🇫🇷 vincent_EUDIER	2026-06-02 21:40:03 (1 week ago)	SURICATA HTTP unable to match response to request	Hacking
🇺🇸 TPI-Abuse	2026-06-02 21:36:59 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 74.235.143.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 74.235.143.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:36:54.434452 2026] [security2:error] [pid 27944:tid 27944] [client 74.235.143.211:37478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.74"] [uri "/.git/HEAD"] [unique_id "ah9M9tmfYCP_r8hh-C1_9gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 check-the-sum.fr	2026-06-02 21:35:31 (1 week ago)	Port Scanning	Port Scan
🇺🇸 MPL	2026-06-02 21:03:41 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-02 20:50:01 (1 week ago)	2026-06-02 20:50:01 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇫🇷 andreighitan	2026-06-02 19:58:06 (1 week ago)	Coordinated attack against 84.46.253.134. Webshell scanning, credential harvesting (.env, wp-config, ... show more Coordinated attack against 84.46.253.134. Webshell scanning, credential harvesting (.env, wp-config, .git), PHP vuln scanning. Active June 2 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Web App Attack Brute-Force
🇺🇸 TPI-Abuse	2026-06-02 19:53:02 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 74.235.143.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 74.235.143.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:52:59.627683 2026] [security2:error] [pid 13769:tid 13769] [client 74.235.143.211:37546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.179"] [uri "/.git/HEAD"] [unique_id "ah80m3Tj4fPmMblnrHHrvQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-02 19:43:22 (1 week ago)	Multiple WAF Violations	Web App Attack
🇧🇾 lns.bz	2026-06-02 19:41:30 (1 week ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 SSP	2026-06-02 19:10:02 (1 week ago)	Automatic report from iptables firewall - detected malicious activity	DDoS Attack Brute-Force SSH Web App Attack Port Scan Hacking
Anonymous	2026-06-02 18:11:00 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇮🇪 AutosOnShow	2026-06-02 17:52:06 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-02 17:51:08.726 \|	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 91.231.89.93

🇩🇪 213.209.159.56

🇺🇸 206.212.244.18

🇧🇷 200.53.16.24

🇺🇸 173.239.211.7

🇺🇸 162.216.149.170

🇨🇳 118.196.86.3

🇨🇳 39.104.63.170

🇮🇳 182.66.214.70

🇭🇰 118.193.43.158

🇮🇹 37.117.151.136

🇺🇸 34.106.85.174

🇺🇸 24.142.170.231

🇷🇴 2.57.121.25

🇵🇱 2001:41d0:601:1100::3b22

🇬🇹 190.56.126.22

🇫🇷 185.177.72.30

🇺🇸 165.22.8.7

🇺🇸 107.150.103.210

🇺🇸 104.245.243.198