JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.235.79.34

74.235.79.34 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.235.79.34

Whois 74.235.79.34

IP Abuse Reports for 74.235.79.34:

This IP address has been reported a total of 25 times from 21 distinct sources. 74.235.79.34 was first reported on April 30th 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 VXG-NET	2026-06-07 12:40:58 (10 hours ago)	port=80, indicator_type=info-leak	Hacking
🇺🇸 MPL	2026-06-07 11:59:23 (11 hours ago)	tcp port scan (8 or more attempts)	Port Scan
🇩🇪 bescared	2026-06-07 10:45:48 (12 hours ago)	F2B - Malicious activity detected. Excessive port scans. -8ff06ede-	Port Scan
🇹🇭 Sawasdee	2026-06-07 10:45:06 (12 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇬🇧 gurnip	2026-06-07 10:37:48 (12 hours ago)	Vulnerability probe of page /.git/HEAD, not found on server.	Brute-Force Web App Attack
🇳🇱 BlueWire Hosting	2026-06-07 10:09:34 (12 hours ago)	Probing websites for vulnerabilities	Web App Attack
🇧🇾 lns.bz	2026-06-07 10:08:08 (12 hours ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 09:18:21 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 74.235.79.34 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 74.235.79.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 05:18:16.999626 2026] [security2:error] [pid 10747:tid 10747] [client 74.235.79.34:12628] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.90"] [uri "/.git/HEAD"] [unique_id "aiU3WM8DPnWstUoH_ObwjgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 rellim.com	2026-06-07 08:44:20 (14 hours ago)	Jun 7 01:44:19 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 7 01:44:19 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=74.235.79.34 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=3788 DF PROTO=TCP SPT=12017 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 7 01:44:19 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=74.235.79.34 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=8011 DF PROTO=TCP SPT=11485 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 7 01:44:19 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=74.235.79.34 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=13451 DF PROTO=TCP SPT=11980 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 LRNP	2026-06-07 08:27:50 (14 hours ago)	_:80 74.235.79.34 - - [07/Jun/2026:08:27:47 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Wi ... show more _:80 74.235.79.34 - - [07/Jun/2026:08:27:47 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇧🇷 SOC PR	2026-06-07 07:32:18 (15 hours ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇳🇱 tpjg	2026-06-07 07:05:15 (16 hours ago)	Automated: 15 requests with error status in 120s window from 74.235.79.34. Evidence: /.DS_Store:301, ... show more Automated: 15 requests with error status in 120s window from 74.235.79.34. Evidence: /.DS_Store:301,/actuator/env:301,/server-status:301,/phpinfo.php:301,/config/database.yml:301,/.aws/credentials:301,/wp-config.php.bak:301,/wp-config.php:301,/.env.save:301,/.env.backup:301,/.env.production:301,/.env.local:301,/.env:301,/.git/config:301,/.git/HEAD:301 show less	Web App Attack
🇨🇦 polycoda	2026-06-02 00:41:51 (5 days ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based) - 📡 Port Scan (Non Decay-Based) - ⚙️ Configurat ... show more AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based) - 📡 Port Scan (Non Decay-Based) - ⚙️ Configuration File Access (Non Decay-Based) show less	Port Scan Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 00:36:33 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 74.235.79.34 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 74.235.79.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 20:36:26.408853 2026] [security2:error] [pid 16360:tid 16360] [client 74.235.79.34:22578] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.181"] [uri "/.git/HEAD"] [unique_id "ah4lirWWT_Ickkz_MqUu7AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ✨	2026-06-02 00:30:11 (5 days ago)	Rule : Security Rule: Security Event: Security 0 - %592 74.235.79.34 22021 77.90.37.146 2087 6 St ... show more Rule : Security Rule: Security Event: Security 0 - %592 74.235.79.34 22021 77.90.37.146 2087 6 Stealth 240164 %597 13 show less	Port Scan Hacking Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.84.100.241

🇺🇸 208.84.100.38

🇺🇸 148.153.188.246

🇩🇪 68.183.77.0

🇺🇸 47.254.30.91

🇷🇸 185.119.89.78

🇩🇪 141.11.250.227

🇵🇰 110.38.221.11

🇫🇷 82.102.18.220

🇺🇸 208.84.100.192

🇺🇸 208.84.100.165

🇧🇪 198.235.24.163

🇹🇼 198.235.24.69

🇺🇸 147.182.183.54

🇨🇳 118.145.111.55

🇦🇺 34.129.255.217

🇺🇸 208.84.100.152

🇨🇬 197.157.252.162

🇪🇬 197.50.40.99

🇳🇱 176.65.139.218