JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.74.77.62

20.74.77.62 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 37%: ?

37%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.74.77.62

Whois 20.74.77.62

IP Abuse Reports for 20.74.77.62:

This IP address has been reported a total of 57 times from 35 distinct sources. 20.74.77.62 was first reported on January 23rd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 lakered	2026-06-11 13:50:21 (3 days ago)	Detectors: [NGINX] \| Reasons: Nginx: Default server trap hit \| Automated scan targeting an unauthori ... show more Detectors: [NGINX] \| Reasons: Nginx: Default server trap hit \| Automated scan targeting an unauthorized host or default server sinkhole \| Tech Evidence: Incomplete-Browser-Profile (Missing: Accept, Accept-Language), TLS-JA4-Spoofing-Detected (UA claims Browser but JA4 reports No-HTTP/2: t13d141000), JA4: t13d141000 \| UA: Mozilla/5.0 show less	Port Scan Bad Web Bot Exploited Host
🇨🇭 4server	2026-06-11 10:12:48 (3 days ago)	[ThuJun1112:12:41.1526412026][security2:error][pid2748464:tid2748797][client20.74.77.62:0]ModSecurit ... show more [ThuJun1112:12:41.1526412026][security2:error][pid2748464:tid2748797][client20.74.77.62:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\\$\(\?:\\\\\\\\\(\(\?:\\\\\\\\\(.\\\\\\\\\$\\|.\\)\\\\\\\\\)\\|\\\\\\\\{.\\\\\\\\\}\)\\|[\<\>]\\\\\\\\$.\\\\\\\\\$\)\"atARGS:0.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"396\"][id\"393655\"][rev\"17\"][msg\"Atomicorp.comWAFRules:PossibleRemoteCommandExecution:UnixShellExpressionFound\"][data\"MatchedData:\${encodeuricomponent$string\(res$\)}307\`}\)_chunks:\$q2_formdata:{get:\$1:constructor:constructor}}}foundwithinARGS:0:{then:\$1:__proto__:thenstatus:resolved_modelreason:-1value:{then:\$b1337}_response:{_prefix:varres=$function\(${var_r=typeofrequire\!==undefined\?require:$process.mainmodule\?process.mainmodule.require.bind\(process.mainmodule$:$typeofglobalthis.require\!==undefined\?globalthis.require:null$\)return12899339148110000}\)throwobject.assign$newerror\(next_redirect${...\"][tag\"attack-rce\"][ho show less	Hacking Web App Attack
🇫🇷 masterguru	2026-06-11 01:11:25 (4 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.74.77.62 (FR/France/-): 1 in the l ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.74.77.62 (FR/France/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇱🇻 garmtech.com	2026-06-11 00:16:04 (4 days ago)	IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js ... show more IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js < 15.0.5/16.0.7 (CVE-2025-55182, CVE-2025-66478) show less	Hacking
🇮🇪 RoboSOC	2026-06-02 05:43:33 (1 week ago)	React Server Components Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2026-06-01 14:28:13 (1 week ago)	React.Server.Components.react-flight.Remote.Code.Execution	Exploited Host
🇫🇷 masterguru	2026-06-01 11:15:09 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.74.77.62 (FR/France/-): 2 in the l ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.74.77.62 (FR/France/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇱🇻 garmtech.com	2026-05-31 00:40:12 (2 weeks ago)	IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js ... show more IM360 WAF: RCE via prototype pollution in React Server Components < 19.0.1/19.1.2/19.2.1 or Next.js < 15.0.5/16.0.7 (CVE-2025-55182, CVE-2025-66478) show less	Hacking
🇨🇳 ThreatBook.io	2026-04-02 23:58:07 (2 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/20.74.77.62	SSH
🇺🇸 RAP	2026-04-01 21:50:18 (2 months ago)	2026-04-01 21:50:18 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇺🇸 RAP	2026-04-01 20:01:18 (2 months ago)	2026-04-01 20:01:18 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 zupan	2026-04-01 14:07:26 (2 months ago)	Blocked by UFW on vps [2323/tcp] \| SPT: 43696 \| TTL: 47 \| LEN: 40 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on vps [2323/tcp] \| SPT: 43696 \| TTL: 47 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan IoT Targeted
🇹🇷 rtbh.com.tr	2026-03-31 16:12:20 (2 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force
🇺🇸 RAP	2026-03-31 01:01:16 (2 months ago)	2026-03-31 01:01:16 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇨🇳 ThreatBook.io	2026-03-30 23:34:41 (2 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/20.74.77.62	SSH

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.119.30

🇨🇮 160.154.31.234

🇮🇳 103.21.79.242

🇳🇱 89.248.167.131

🇳🇱 35.204.97.136

🇮🇳 35.200.163.78

🇺🇸 2607:f8b0:4001:c62::12e

🇫🇷 194.187.171.146

🇮🇶 185.166.25.150

🇺🇸 172.86.114.38

🇺🇸 142.93.181.239

🇺🇸 124.198.131.39

🇮🇳 122.167.101.220

🇲🇲 120.88.34.154

🇮🇳 103.170.85.190

🇧🇬 82.102.23.100

🇺🇸 44.250.0.35

🇮🇳 34.131.156.65

🇦🇺 34.40.162.214

🇮🇶 194.31.220.229