JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.249.157.90

74.249.157.90 was found in our database!

This IP was reported 183 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.249.157.90

Whois 74.249.157.90

IP Abuse Reports for 74.249.157.90:

This IP address has been reported a total of 183 times from 136 distinct sources. 74.249.157.90 was first reported on May 19th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 SCHAPPY	2026-05-20 03:25:04 (2 weeks ago)	Brute-force attack to non-existent web resources, HTTP code 404.	Brute-Force Web App Attack
🇫🇷 Lunix	2026-05-20 03:21:54 (2 weeks ago)		Brute-Force Web App Attack
🇷🇴 iulianh	2026-05-20 03:19:23 (2 weeks ago)	80,443	Brute-Force SSH
🇺🇸 ipblock.com	2026-05-20 03:16:00 (2 weeks ago)	IPBlock protected site ID [1438-do]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-05-20 03:15:16 (2 weeks ago)	Web App hacking attempt	Web App Attack
🇩🇪 todix	2026-05-20 02:52:26 (2 weeks ago)	Web App Attack Exploid from 74.249.157.90	Web App Attack
🇳🇴 Abuse Buster	2026-05-20 02:51:40 (2 weeks ago)	74.249.157.90 - [20/May/2026:04:51:38 +0200] "GET /admin.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Wind ... show more 74.249.157.90 - [20/May/2026:04:51:38 +0200] "GET /admin.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Connecting ip: 74.249.157.90 Forwared for: 74.249.157.90 74.249.157.90 - [20/May/2026:04:51:38 +0200] "GET /inputs.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Connecting ip: 74.249.157.90 Forwared for: 74.249.157.90 74.249.157.90 - [20/May/2026:04:51:38 +0200] "GET /file.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Connecting ip: 74.249.157.90 Forwared for: 74.249.157.90 74.249.157.90 - [20/May/2026:04:51:39 +0200] "GET /goods.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Connecting ip: 74.249.157.90 Forwared for: 74 ... show less	Web App Attack
🇫🇮 Christopher Hughes	2026-05-20 02:42:58 (2 weeks ago)	[Wed May 20 03:42:57.569590 2026] [proxy_fcgi:error] [pid 1128834:tid 139773645669952] [client 74.24 ... show more [Wed May 20 03:42:57.569590 2026] [proxy_fcgi:error] [pid 1128834:tid 139773645669952] [client 74.249.157.90:22573] AH01071: Got error 'Primary script unknown' [Wed May 20 03:42:57.732718 2026] [proxy_fcgi:error] [pid 1128834:tid 139774786520640] [client 74.249.157.90:22573] AH01071: Got error 'Primary script unknown' [Wed May 20 03:42:57.872259 2026] [proxy_fcgi:error] [pid 1128834:tid 139775025616448] [client 74.249.157.90:22573] AH01071: Got error 'Primary script unknown' [Wed May 20 03:42:58.011670 2026] [proxy_fcgi:error] [pid 1128834:tid 139775042401856] [client 74.249.157.90:22573] AH01071: Got error 'Primary script unknown' [Wed May 20 03:42:58.155817 2026] [proxy_fcgi:error] [pid 1128834:tid 139774199326272] [client 74.249.157.90:22573] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇩🇪 macrob	2026-05-20 02:12:18 (2 weeks ago)	2026/05/20 02:12:13 [error] 2781238#2781238: 241620047 access forbidden by rule, client: 74.249.157 ... show more 2026/05/20 02:12:13 [error] 2781238#2781238: 241620047 access forbidden by rule, client: 74.249.157.90, server: fastcredit.net.ua, request: "GET /wp-content/plugins/twenty/login.php HTTP/2.0", host: "fastcredit.net.ua" 2026/05/20 02:12:14 [error] 2781238#2781238: 241620018 access forbidden by rule, client: 74.249.157.90, server: fastcredit.net.ua, request: "GET /.dj/index.php HTTP/2.0", host: "fastcredit.net.ua" 2026/05/20 02:12:17 [error] 2781239#2781239: 241620059 access forbidden by rule, client: 74.249.157.90, server: fastcredit.net.ua, request: "GET /wp-content/index.php HTTP/2.0", host: "fastcredit.net.ua" ... show less	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-20 02:06:02 (2 weeks ago)	Fail2Ban - [NGINX]Malicious request blocked on nginx-444 ... [ice01]	Hacking Bad Web Bot
🇦🇺 nzhost.co.nz	2026-05-20 01:32:42 (2 weeks ago)	$f2bV_matches	Hacking Brute-Force
🇸🇪 nekopavel	2026-05-20 01:27:36 (2 weeks ago)	74.249.157.90 - - [20/May/2026:03:27:32 +0200]"GET /wp-content/plugins/twenty/login.php HTTP/1.1" 40 ... show more 74.249.157.90 - - [20/May/2026:03:27:32 +0200]"GET /wp-content/plugins/twenty/login.php HTTP/1.1" 404 50911"-" mishashto.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36""0.007" "0.000""Des Moines" "US" 74.249.157.90 - - [20/May/2026:03:27:32 +0200]"GET /wp-mail.php HTTP/1.1" 404 50891"-" mishashto.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36""0.008" "0.000""Des Moines" "US" 74.249.157.90 - - [20/May/2026:03:27:34 +0200]"GET /wp-mail.php HTTP/1.1" 404 50891"-" mishashto.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36""0.007" "0.001""Des Moines" "US" ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 antlac1	2026-05-20 01:25:39 (2 weeks ago)	crowdsecurity/http-crawl-non_statics	Brute-Force Web App Attack
🇩🇪 Philister11	2026-05-20 01:11:23 (2 weeks ago)	CrowdSec: crowdsecurity/http-backdoors-attempts (US/AS8075)	Web App Attack Hacking
🇦🇺 Anytech	2026-05-20 01:10:14 (2 weeks ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack

Showing 46 to 60 of 183 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 37.148.132.190

🇷🇺 37.77.150.67

🇳🇱 192.142.24.156

🇺🇸 192.3.218.12

🇦🇹 185.212.100.65

🇩🇪 167.94.145.24

🇺🇸 136.144.33.178

🇮🇩 103.26.128.236

🇳🇱 89.248.167.131

🇺🇸 85.239.151.41

🇺🇸 73.128.33.173

🇩🇪 69.5.169.107

🇺🇸 65.49.1.230

🇧🇷 45.205.1.244

🇸🇬 43.245.97.82

🇮🇳 27.123.88.186

🇵🇭 210.79.179.244

🇹🇼 198.235.24.36

🇿🇦 197.94.254.49

🇺🇸 192.142.2.40