JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.249.78.162

74.249.78.162 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.249.78.162

Whois 74.249.78.162

IP Abuse Reports for 74.249.78.162:

This IP address has been reported a total of 36 times from 27 distinct sources. 74.249.78.162 was first reported on August 2nd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 06:47:21 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.249.78.162 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 74.249.78.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:47:16.858642 2026] [security2:error] [pid 14955:tid 14955] [client 74.249.78.162:53894] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.249"] [uri "/.git/HEAD"] [unique_id "ah_N9I-Ayg_nq4PlBHDcVAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 tpjg	2026-06-03 06:34:57 (1 day ago)	Automated: 15 requests with error status in 120s window from 74.249.78.162. Evidence: /___proxy_subd ... show more Automated: 15 requests with error status in 120s window from 74.249.78.162. Evidence: /___proxy_subdomain_whm/login/:404,/___proxy_subdomain_whm/login/:404,/dump.sql:301,/.htpasswd:301,/app/config/parameters.yml:301,/config.php:301,/.DS_Store:301,/actuator/env:301,/config/database.yml:301,/.aws/credentials:301,/wp-config.php:301,/.env.backup:301,/.env.production:301,/.env.local:301,/.git/config:301 show less	Web App Attack
🇩🇪 acadeova	2026-06-03 05:50:07 (1 day ago)	Blocked by UFW on vps2 [2087/tcp] Source port: 53978 TTL: 48 Packet length: 60 TOS: 0x00 This repor ... show more Blocked by UFW on vps2 [2087/tcp] Source port: 53978 TTL: 48 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇷 SOC PR	2026-06-03 04:41:20 (1 day ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇺🇸 MakoWish	2026-06-03 04:29:56 (1 day ago)	Fuzzing for misconfigured web servers.	Hacking Web App Attack
🇺🇸 RAP	2026-06-03 03:13:55 (1 day ago)	2026-06-03 03:13:55 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 antlac1	2026-06-03 02:40:49 (1 day ago)	crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 02:35:47 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.249.78.162 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 74.249.78.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:35:41.591922 2026] [security2:error] [pid 27884:tid 27884] [client 74.249.78.162:53963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.214"] [uri "/.git/HEAD"] [unique_id "ah-S_XnwC2DrJEeI87IlQwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 02:04:07 (1 day ago)	Bot / scanning and/or hacking attempts: GET /.env.backup HTTP/1.1, GET /.env.local HTTP/1.1, GET /.e ... show more Bot / scanning and/or hacking attempts: GET /.env.backup HTTP/1.1, GET /.env.local HTTP/1.1, GET /.env HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 Dennis	2026-06-03 02:00:53 (1 day ago)	74.249.78.162 has been banned for triggering http-probing (13 events over 22.263562173s).	Brute-Force Web App Attack
🇩🇪 Prodscape	2026-06-03 01:51:19 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.249.78.162 (US/United States/-): 5 in the la ... show more (mod_security) mod_security (id:210492) triggered by 74.249.78.162 (US/United States/-): 5 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC show less	Port Scan
🇩🇪 rzk	2026-06-03 01:48:02 (1 day ago)	CrowdSec scenario: crowdsecurity/http-sensitive-files. Banned by Koru Cloud platform after multi-eve ... show more CrowdSec scenario: crowdsecurity/http-sensitive-files. Banned by Koru Cloud platform after multi-event detection. ASN: MICROSOFT-CORP-MSN-AS-BLOCK. Country: US. Timestamp: 2026-06-03T01:48:02+00:00. show less	Bad Web Bot Web App Attack
🇩🇪 Yachiyo Runami	2026-06-03 01:41:33 (1 day ago)	Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 45-4 ... show more Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 45-46 \| Len: 60B(2x) \| Win: 64240(2) \| F2B/ufw-honeypot@2026-06-03T01:41:33Z show less	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 01:28:02 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 74.249.78.162 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 74.249.78.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 21:27:57.236610 2026] [security2:error] [pid 16084:tid 16084] [client 74.249.78.162:52602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.236"] [uri "/.env"] [unique_id "ah-DHXWDe6ZPJc5tJ7YpLAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-03 01:17:50 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.107.88.97

🇺🇸 165.154.135.161

🇩🇪 82.165.184.35

🇺🇸 2601:602:c084:6ae0:75f3:d36b:8c25:f606

🇨🇳 182.44.12.249

🇻🇳 103.167.89.222

🇨🇳 101.42.41.164

🇺🇸 67.223.117.122

🇬🇧 35.203.211.224

🇺🇸 2607:f8b0:4023:100d::124

🇧🇷 205.210.31.248

🇪🇹 196.188.243.211

🇳🇱 195.211.191.112

🇺🇸 66.132.172.146

🇩🇪 54.36.108.162

🇺🇬 102.218.89.110

🇫🇮 35.228.39.245

🇺🇸 35.227.18.116

🇬🇧 35.203.210.19

🇺🇸 20.190.151.133