JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.249.78.33

74.249.78.33 was found in our database!

This IP was reported 560 times. Confidence of Abuse is 93%: ?

93%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.249.78.33

Whois 74.249.78.33

IP Abuse Reports for 74.249.78.33:

This IP address has been reported a total of 560 times from 100 distinct sources. 74.249.78.33 was first reported on August 24th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-06 03:14:11 (1 day ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET / ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET /.git/HEAD HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.local HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.production HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-05 03:14:06 (2 days ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET / ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET /.git/HEAD HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.local HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.production HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-06-04 03:13:53 (3 days ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET / ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET /.git/HEAD HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.local HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.production HTTP/1.1" 404 414 show less	Bad Web Bot
🇺🇸 anon333	2026-06-03 02:36:32 (4 days ago)	Invalid HTTP port 80 probes to server T2236	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-06-02 07:20:09 (5 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇫🇷 pm33	2026-06-02 05:27:17 (5 days ago)	Unsolicited connection attempts or aggressive port scan.	Port Scan
🇧🇷 Peregrine	2026-06-02 04:56:37 (5 days ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET / ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 74.249.78.33 - - [02/Jun/2026:01:56:29 -0300] "GET /.git/HEAD HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.local HTTP/1.1" 404 414 - 74.249.78.33 - - [02/Jun/2026:01:56:33 -0300] "GET /.env.production HTTP/1.1" 404 414 show less	Bad Web Bot
🇺🇸 anon333	2026-06-02 04:36:07 (5 days ago)	Invalid HTTP port 80 probes to Internet facing server J153T003601	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-02 03:48:54 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 74.249.78.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 74.249.78.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 23:48:49.661647 2026] [security2:error] [pid 3788:tid 3788] [client 74.249.78.33:49931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.122"] [uri "/.git/HEAD"] [unique_id "ah5SoYlzwtbdMANU1FdJ4QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOCBR	2026-06-02 02:21:25 (5 days ago)	IPS: Web Server Enforcement Violation.	Hacking
🇹🇷 Threat.live	2026-06-02 02:00:12 (5 days ago)	Suspicious Connection Attempts	Brute-Force
🇫🇷 ISPLtd	2026-06-02 01:44:35 (5 days ago)	Jun 1 22:44:34 74.249.78.33 TCP SPT=49304 DPT=2087 SYN Jun 1 22:44:34 74.249.78.33 TCP SPT=49284 D ... show more Jun 1 22:44:34 74.249.78.33 TCP SPT=49304 DPT=2087 SYN Jun 1 22:44:34 74.249.78.33 TCP SPT=49284 DPT=8080 SYN Jun 1 22:44:34 74.249.78.33 TCP SPT=49295 DPT=2086 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 01:43:47 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 74.249.78.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 74.249.78.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 21:43:40.394898 2026] [security2:error] [pid 18782:tid 18782] [client 74.249.78.33:49939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.21"] [uri "/.git/HEAD"] [unique_id "ah41TMYiN3YuYp7ghsHQ0wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRNP	2026-06-02 01:01:59 (5 days ago)	_:80 74.249.78.33 - - [02/Jun/2026:01:01:53 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Ma ... show more _:80 74.249.78.33 - - [02/Jun/2026:01:01:53 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-02 00:42:55 (5 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 560 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.176.85.112

🇧🇷 191.54.80.93

🇨🇳 171.81.98.32

🇯🇵 160.251.197.41

🇨🇳 119.96.173.169

🇬🇭 102.223.92.101

🇳🇱 91.92.42.19

🇺🇸 71.6.146.185

🇦🇷 45.225.212.154

🇳🇱 45.154.98.38

🇴🇲 37.40.228.52

🇨🇦 192.40.185.163

🇬🇧 185.195.13.179

🇺🇸 172.93.100.34

🇺🇸 172.68.3.190

🇫🇮 80.223.186.171

🇯🇵 8.216.90.100

🇷🇴 2.57.121.112

🇺🇸 192.178.66.82

🇭🇰 101.79.165.43