JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.227.53

74.7.227.53 was found in our database!

This IP was reported 246 times. Confidence of Abuse is 74%: ?

74%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.227.53

Whois 74.7.227.53

IP Abuse Reports for 74.7.227.53:

This IP address has been reported a total of 246 times from 74 distinct sources. 74.7.227.53 was first reported on October 29th 2025, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 LotPhantom	2026-02-24 07:32:10 (3 months ago)	74.7.227.53 - - [24/Feb/2026:07:31:09 +0000] "GET / HTTP/2.0" 200 6577 "-" "Mozilla/5.0 AppleWebKit/ ... show more 74.7.227.53 - - [24/Feb/2026:07:31:09 +0000] "GET / HTTP/2.0" 200 6577 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)" "0" ... show less	Web App Attack Bad Web Bot
Anonymous	2026-02-24 04:06:34 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 74.7.227.53 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-22 20:22:05 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 74.7.227.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.227.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 15:21:58.202353 2026] [security2:error] [pid 1381:tid 1381] [client 74.7.227.53:41846] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.test.grimone.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.test.grimone.com"] [uri "/patrick/German/Europe Day 11/Thumbs.db"] [unique_id "aZtlZgSNzgJE4BUng86DagAAAAY"], referer: https://www.test.grimone.com/patrick/German/Europe%20Day%2011/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 10:00:07 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 74.7.227.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.227.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 05:00:02.385069 2026] [security2:error] [pid 16690:tid 16690] [client 74.7.227.53:43374] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.theseventhcongregationofladderdayvixens.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.theseventhcongregationofladderdayvixens.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aZbfIpqUOtRRwtKYACy9mQAAABs"], referer: https://www.theseventhcongregationofladderdayvixens.org/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-02-19 03:38:50 (3 months ago)	Restricted File Access Attempt. Matched phrase "Dockerfile" at REQUEST_FILENAME. (930130-stl2-14)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 04:14:56 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 74.7.227.53 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.227.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 23:14:52.494078 2026] [security2:error] [pid 22875:tid 22875] [client 74.7.227.53:33454] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.rochesterhistorical.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rochesterhistorical.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aZU8vAXAx2tCjkF8uc6DVAAAAAE"], referer: http://www.rochesterhistorical.org/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-18 02:56:33 (3 months ago)	Blocking for trying to access an exploit file: /myagent.site	Hacking
🇦🇹 Pingger Shikkoken	2026-02-17 22:26:17 (3 months ago)	2026-02-17T22:26:17+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-02-17T22:26:17+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=74.7.227.53 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=37 ID=56650 DF PROTO=TCP SPT=50466 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 2026-02-17T22:26:18+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=74.7.227.53 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=37 ID=56651 DF PROTO=TCP SPT=50466 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 2026-02-17T22:26:20+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=74.7.227.53 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=37 ID=56652 DF PROTO=TCP SPT=50466 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
🇬🇧 NotCool	2026-02-13 00:46:38 (3 months ago)	(CRAWLDELAY) Generic Bot Crawl-delay Violation 74.7.227.53 (US/United States/-): 50 in the last 3600 ... show more (CRAWLDELAY) Generic Bot Crawl-delay Violation 74.7.227.53 (US/United States/-): 50 in the last 3600 secs show less	Bad Web Bot
🇮🇹 Progetto1	2026-02-11 21:30:15 (3 months ago)	Multiple exploit attempts	Hacking Brute-Force Exploited Host Web App Attack
🇳🇱 Site.eu	2026-02-11 00:27:49 (3 months ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-02-10 08:26:19 (3 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 myagent.site	2026-02-10 07:58:31 (3 months ago)	Blocking for trying to access an exploit file: /myagent.site	Hacking
Anonymous	2026-02-10 01:04:04 (3 months ago)	Web attack	Bad Web Bot Web App Attack
Anonymous	2026-02-09 04:05:18 (3 months ago)	Blocked: Reason='High request volume — possible DDoS (> 5000 in 60 min)'; Requests=5725	DDoS Attack

Showing 106 to 120 of 246 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.158

🇩🇰 212.60.125.164

🇮🇳 183.82.111.224

🇰🇷 175.198.18.3

🇨🇳 119.29.252.115

🇳🇱 45.148.10.141

🇮🇩 43.129.44.66

🇺🇸 195.184.76.177

🇷🇺 194.176.114.36

🇳🇱 178.16.55.50

🇨🇳 110.89.121.254

🇷🇺 109.111.175.210

🇮🇩 103.171.85.117

🇨🇦 85.217.149.11

🇷🇺 85.174.180.232

🇮🇱 79.177.145.114

🇳🇱 45.148.10.157

🇬🇧 13.40.111.93

🇧🇷 179.125.175.74

🇧🇷 177.92.128.219