JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.246.117.75

4.246.117.75 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 91%: ?

91%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Moses Lake, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.246.117.75

Whois 4.246.117.75

IP Abuse Reports for 4.246.117.75:

This IP address has been reported a total of 21 times from 16 distinct sources. 4.246.117.75 was first reported on May 22nd 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-06-04 11:26:39 (2 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: icanhazip.com:443 show less	Open Proxy Port Scan
🇺🇸 chronos	2026-06-03 06:23:44 (3 days ago)	[AUTORAVALT][[03/06/2026 - 03:23:43 -03:00 UTC] Attack from [Microsoft Corporation] [4.246.117.75] A ... show more [AUTORAVALT][[03/06/2026 - 03:23:43 -03:00 UTC] Attack from [Microsoft Corporation] [4.246.117.75] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software p] ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-03 05:55:26 (3 days ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Justin F. \| AS204464	2026-06-03 05:40:37 (3 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2082 [1], 2083 [1], 2086 [1] TCP ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2082 [1], 2083 [1], 2086 [1] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 04:39:36 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 4.246.117.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.117.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:39:29.970347 2026] [security2:error] [pid 14024:tid 14024] [client 4.246.117.75:65104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.203"] [uri "/wp-config.php"] [unique_id "ah-wAcBHcJN-xXWdN2xdtAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 00:07:34 (3 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 RAP	2026-06-02 22:24:31 (4 days ago)	2026-06-02 22:24:31 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 NXTwoThou	2026-06-02 21:47:29 (4 days ago)	/.git/HEAD	Web App Attack
🇺🇸 xmission.com	2026-06-02 21:26:01 (4 days ago)	Blocked by UFW (TCP on 2087) Source port: 31922 TTL: 53 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 31922 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 4.246.117.75) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇭 GAS	2026-06-02 20:29:38 (4 days ago)	Bad Bot. 4.246.117.75 - - [02/Jun/2026:22:29:37 +0200] "GET /.git/config HTTP/1.1" 402 2454 "-" "Moz ... show more Bad Bot. 4.246.117.75 - - [02/Jun/2026:22:29:37 +0200] "GET /.git/config HTTP/1.1" 402 2454 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "REDACTED" "" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:55:39 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 4.246.117.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.117.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:55:36.347936 2026] [security2:error] [pid 25857:tid 25857] [client 4.246.117.75:31884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.149"] [uri "/.git/config"] [unique_id "ah81OFQDltMntzSWuxEJ3QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:30:37 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 4.246.117.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.117.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:30:33.190353 2026] [security2:error] [pid 18992:tid 19016] [client 4.246.117.75:32686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.79"] [uri "/.git/HEAD"] [unique_id "ah8vWQjG7U1Gf2N3ZPpHzQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-06-02 19:10:58 (4 days ago)	firewall-block, port(s): 80/tcp, 443/tcp, 2082/tcp, 2083/tcp, 2086/tcp, 2087/tcp, 8080/tcp, 8443/tcp	Port Scan
🇬🇧 PeravixGroup	2026-06-02 18:47:17 (4 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-06-02 17:38:37 (4 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.117.176.58

🇺🇸 72.167.50.103

🇩🇪 3.77.221.157

🇹🇼 198.235.24.98

🇺🇸 162.216.150.231

🇭🇰 152.32.171.213

🇨🇳 113.88.38.59

🇮🇩 203.2.151.28

🇹🇼 198.235.24.73

🇲🇽 186.96.145.241

🇩🇪 185.17.144.69

🇸🇬 103.20.122.54

🇿🇦 102.64.35.224

🇭🇰 101.36.107.233

🇪🇪 31.59.160.12

🇺🇸 2607:f8b0:400e:c06::12d

🇧🇷 201.76.120.30

🇺🇸 172.105.128.13

🇩🇪 172.71.172.149

🇺🇸 47.254.30.91