JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.246.117.76

4.246.117.76 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 98%: ?

98%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Moses Lake, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.246.117.76

Whois 4.246.117.76

IP Abuse Reports for 4.246.117.76:

This IP address has been reported a total of 18 times from 16 distinct sources. 4.246.117.76 was first reported on June 2nd 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 minute ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 chronos	2026-06-03 06:23:50 (16 hours ago)	[AUTORAVALT][[03/06/2026 - 03:23:50 -03:00 UTC] Attack from [Microsoft Corporation] [4.246.117.76] A ... show more [AUTORAVALT][[03/06/2026 - 03:23:50 -03:00 UTC] Attack from [Microsoft Corporation] [4.246.117.76] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software p] ... show less	Hacking Web App Attack
🇩🇪 Justin F. \| AS204464	2026-06-03 05:40:37 (17 hours ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2087 [1] TCP Reported by: Justin ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2087 [1] TCP Reported by: Justin F. show less	Port Scan
🇧🇷 SOC Blue Team	2026-06-03 05:26:03 (17 hours ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 04:39:21 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 4.246.117.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.117.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:39:15.135792 2026] [security2:error] [pid 15541:tid 15541] [client 4.246.117.76:1694] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.203"] [uri "/.git/HEAD"] [unique_id "ah-v8-VABMXqZ4RKy9YrFgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 04:06:04 (18 hours ago)	Bot / scanning and/or hacking attempts: GET /phpinfo.php HTTP/1.1, GET /.env.save HTTP/1.1, GET /con ... show more Bot / scanning and/or hacking attempts: GET /phpinfo.php HTTP/1.1, GET /.env.save HTTP/1.1, GET /config/database.yml HTTP/1.1, POST /___proxy_subdomain_whm/login/?login_only=1 HTTP/1.1, GET /app/config/parameters.yml HTTP/1.1, GET /___proxy_subdomain_whm/login/ HTTP/1.1, GET /server-status HTTP/1.1, GET /wp-config.php.bak HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 itsolon	2026-06-03 03:08:47 (19 hours ago)	[03/Jun/2026:05:08:44 +0200] 178045612489.222212 4.246.117.76 1051 217.154.7.177 80 [03/Jun/2026:05: ... show more [03/Jun/2026:05:08:44 +0200] 178045612489.222212 4.246.117.76 1051 217.154.7.177 80 [03/Jun/2026:05:08:45 +0200] 178045612569.549222 4.246.117.76 1132 217.154.7.177 80 [03/Jun/2026:05:08:46 +0200] 178045612681.144925 4.246.117.76 1115 217.154.7.177 80 [03/Jun/2026:05:08:46 +0200] 178045612632.965219 4.246.117.76 1128 217.154.7.177 80 [03/Jun/2026:05:08:47 +0200] 178045612769.067011 4.246.117.76 1056 217.154.7.177 80 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇺🇸 crooze.net	2026-06-03 03:08:23 (19 hours ago)	4.246.117.76 - - [02/Jun/2026:23:08:22 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Maci ... show more 4.246.117.76 - - [02/Jun/2026:23:08:22 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" ... show less	Web App Attack
🇷🇸 Scan	2026-06-03 01:53:42 (20 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 00:26:58 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 4.246.117.76 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.117.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:26:54.145271 2026] [security2:error] [pid 24827:tid 24827] [client 4.246.117.76:64084] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.157"] [uri "/.git/config"] [unique_id "ah90zuTfYTwI-5v3iJhfFgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-03 00:24:02 (22 hours ago)	2026-06-03 00:24:02 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇩🇪 ITSNF	2026-06-03 00:05:03 (22 hours ago)	Blocked by OPNsense firewall; 5 hits, proto=tcp, ports=2082,2083,443,80,8080	Port Scan Hacking
🇺🇸 MPL	2026-06-02 23:52:37 (22 hours ago)	tcp port scan (6 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-02 23:07:33 (23 hours ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.91

🇮🇩 103.98.176.164

🇪🇸 92.191.96.70

🇨🇦 192.53.122.28

🇭🇰 152.32.133.95

🇮🇳 122.252.241.175

🇩🇪 118.193.59.4

🇻🇳 103.172.236.241

🇵🇰 103.134.2.139

🇳🇱 93.174.95.106

🇫🇷 91.231.89.139

🇫🇷 91.231.89.137

🇨🇳 58.222.141.114

🇲🇽 189.152.101.153

🇭🇰 118.26.39.178

🇵🇹 109.50.185.153

🇫🇷 92.205.107.87

🇺🇸 91.230.168.238

🇺🇸 91.230.168.128

🇷🇴 89.47.53.19