JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.75.217.74

20.75.217.74 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 55%: ?

55%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.75.217.74

Whois 20.75.217.74

IP Abuse Reports for 20.75.217.74:

This IP address has been reported a total of 24 times from 8 distinct sources. 20.75.217.74 was first reported on June 28th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 11:31:34 (2 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:31:28.287172 2026] [security2:error] [pid 6070:tid 6070] [client 20.75.217.74:9115] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.savingspools.savingshvac.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.savingspools.savingshvac.com"] [uri "/wp-json/wp/v2/users/10"] [unique_id "akJXkMHm1tvWjy1pzQgRfAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 11:16:01 (2 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:15:54.957012 2026] [security2:error] [pid 8522:tid 8522] [client 20.75.217.74:9059] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rogerheath.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rogerheath.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJT6nutRussZOB2XEqW-gAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-29 10:47:33 (2 hours ago)	Try to access /wp/xmlrpc.php	Web App Attack
Anonymous	2026-06-29 10:45:17 (2 hours ago)	2026-06-29T12:45:16.913578+02:00 aion wordpress[2732097]: Blocked user enumeration attempt from 20.7 ... show more 2026-06-29T12:45:16.913578+02:00 aion wordpress[2732097]: Blocked user enumeration attempt from 20.75.217.74 ... show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-29 10:44:14 (2 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:44:08.840547 2026] [security2:error] [pid 14234:tid 14234] [client 20.75.217.74:8852] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intrinsicdiscovery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intrinsicdiscovery.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJMeBc3NR1RqrqGF4dCbwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 10:24:05 (3 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:24:00.016859 2026] [security2:error] [pid 22901:tid 22901] [client 20.75.217.74:8609] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pinetreedistrict.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pinetreedistrict.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akJHwNAFwJNCLYIqPlMxlwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-29 10:01:04 (3 hours ago)	3.750 requests to many distinct domains in 1 hour (3w5d13h)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-29 09:23:02 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:22:57.482933 2026] [security2:error] [pid 4804:tid 4804] [client 20.75.217.74:9617] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nypatriotcards.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nypatriotcards.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akI5cZW5L8lGAAyKWGVdbAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 09:07:11 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:07:07.491532 2026] [security2:error] [pid 9633:tid 9633] [client 20.75.217.74:9287] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.vansfanz.rollinchassis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vansfanz.rollinchassis.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akI1u95oPPwc3Q4SGxWHsAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 08:49:42 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:49:37.049284 2026] [security2:error] [pid 10002:tid 10002] [client 20.75.217.74:9039] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|modestosoftwater.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "modestosoftwater.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIxoZy_IhU-ZFrq9fvr_gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xxkodedxx	2026-06-29 08:33:52 (5 hours ago)	[Zorvexus edge-defense] GET .env / WordPress honeypot probe Trigger: 1× honeypot-get in 10m window. ... show more [Zorvexus edge-defense] GET .env / WordPress honeypot probe Trigger: 1× honeypot-get in 10m window. Active: 08:33:38 UTC Volume: 1 honeypot probe(s) Bait taken: /wp-json/wp/v2/users?offset=0&per_page=100&_fields=id,slug Vhost fishing: cards.zvxlabs.com UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-06-29 07:18:05 (6 hours ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 07:02:40 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:02:34.591351 2026] [security2:error] [pid 3330:tid 3330] [client 20.75.217.74:4962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|northfortworthalliance.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "northfortworthalliance.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIYikZvMm9OquIxMBipsgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 02:49:32 (10 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:49:28.835089 2026] [security2:error] [pid 2112:tid 2112] [client 20.75.217.74:5650] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|doreenkimura.com.misscharlottemusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doreenkimura.com.misscharlottemusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akHdOCJKWLO9u_uzzpNibAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 00:11:18 (13 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.75.217.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:11:13.193013 2026] [security2:error] [pid 10306:tid 10306] [client 20.75.217.74:5639] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|globalweb123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "globalweb123.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akG4IfSReesOJYqjVf982gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.52.134.66

🇵🇰 103.141.5.129

🇧🇬 79.124.62.230

🇧🇷 45.183.243.54

🇧🇷 45.183.243.11

🇧🇷 45.181.33.218

🇺🇸 45.33.84.124

🇩🇪 209.38.243.115

🇭🇰 199.45.154.188

🇺🇸 195.184.76.99

🇨🇳 182.138.158.210

🇧🇷 177.137.109.31

🇷🇺 109.73.206.231

🇺🇸 104.28.215.155

🇫🇷 95.111.231.180

🇩🇪 69.5.169.141

🇧🇷 45.181.33.191

🇧🇷 45.181.26.30

🇧🇷 45.180.99.213

🇩🇪 43.228.157.10