JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.227.58

74.7.227.58 was found in our database!

This IP was reported 234 times. Confidence of Abuse is 59%: ?

59%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.227.58

Whois 74.7.227.58

IP Abuse Reports for 74.7.227.58:

This IP address has been reported a total of 234 times from 83 distinct sources. 74.7.227.58 was first reported on October 29th 2025, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TheJimmo	2026-06-18 11:32:26 (15 hours ago)	74.7.227.58 74.7.227.58 - - [18/Jun/2026:11:32:04 +0000] "GET /forums/topic/21862-live_person... HTT ... show more 74.7.227.58 74.7.227.58 - - [18/Jun/2026:11:32:04 +0000] "GET /forums/topic/21862-live_person... HTTP/1.1" 404 13727 "https://sapknowledgewiki.com" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.227.58 74.7.227.58 - - [18/Jun/2026:11:32:07 +0000] "GET /forums/topic/21959-7-easy-ways... HTTP/1.1" 404 13732 "https://sapknowledgewiki.com" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.227.58 74.7.227.58 - - [18/Jun/2026:11:32:10 +0000] "GET /forums/topic/20403-singapore-a... HTTP/1.1" 404 13730 "https://sapknowledgewiki.com" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.227.58 74.7.227.58 - - [18/Jun/2026:11:32:13 +0000] "GET /forums/topic/21371-singapore-a... HTTP/1.1" 404 13729 "https://sapknowledgewiki.com" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.c ... show less	Bad Web Bot Web App Attack
🇩🇪 maxpower	2026-06-18 07:22:47 (20 hours ago)	(junkbot) REGOLA 8 - Junk Bot Blocked 74.7.227.58 (US/United States/-): 1 in the last 3600 secs; Por ... show more (junkbot) REGOLA 8 - Junk Bot Blocked 74.7.227.58 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 74.7.227.58 - - [18/Jun/2026:09:22:42 +0200] "GET /theme/hesk3/customer/img/sprite.svg HTTP/2.0" 200 11582 "https://ticketingla.checkall.cloud/" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" "-" host=ticketingla.checkall.cloud show less	Port Scan
🇫🇷 masterguru	2026-06-18 07:05:02 (20 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 2 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇩🇪 maxpower	2026-06-18 06:52:41 (20 hours ago)	(junkbot) REGOLA 8 - Junk Bot Blocked 74.7.227.58 (US/United States/-): 1 in the last 3600 secs; Por ... show more (junkbot) REGOLA 8 - Junk Bot Blocked 74.7.227.58 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 74.7.227.58 - - [18/Jun/2026:08:52:37 +0200] "GET / HTTP/2.0" 200 1397 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" "-" host=ticketingla.checkall.cloud show less	Port Scan
🇫🇷 masterguru	2026-06-18 05:26:02 (21 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇳🇱 Site.eu	2026-06-13 10:07:41 (5 days ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 masterguru	2026-06-12 12:50:41 (6 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-06-12 10:55:59 (6 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 2 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇳🇱 Site.eu	2026-06-11 20:27:06 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 08:12:46 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.227.58 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.227.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:12:39.497470 2026] [security2:error] [pid 5060:tid 5060] [client 74.7.227.58:55126] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.chrisbilder.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chrisbilder.com"] [uri "/regression/chapters/SO2.DAT"] [unique_id "aipt96xfaAbpgIpyDLIHVQAAAAI"], referer: http://www.chrisbilder.com/regression/chapter.html show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-03 17:52:40 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.227.58 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-02 02:33:39 (2 weeks ago)	(mod_security) mod_security (id:212290) triggered by 74.7.227.58 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:212290) triggered by 74.7.227.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 22:33:32.262081 2026] [security2:error] [pid 31926:tid 31932] [client 74.7.227.58:57720] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(?:href\|src\|lowsrc\|url)\\\\b\\\\W+?\\\\b(?:(?:vb\|java)script\|shell)(?::\|&colon)" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "47"] [id "212290"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|mail.plumberw9.com\|F\|2"] [data "Matched Data: href\|\|'')?'javascript: found within REQUEST_URI: /js/' (/^https/i.test(window.location.href\|\|'')?'javascript:void(false)':'about:blank') '"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "mail.plumberw9.com"] [uri "/js/'+(/^https/i.test(window.location.href\|\|'')"] [unique_id "ah5A_K3kScPqkYCSKCnkmAAAAQQ"], referer: https://mail.plumberw9.com/js/jquery.fancybox-1.3.4.pack.js show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 NotCool	2026-06-02 00:41:24 (2 weeks ago)	(CRAWLDELAY) Generic Bot Crawl-delay Violation 74.7.227.58 (US/United States/-): 50 in the last 3600 ... show more (CRAWLDELAY) Generic Bot Crawl-delay Violation 74.7.227.58 (US/United States/-): 50 in the last 3600 secs show less	Bad Web Bot
🇪🇬 Hossam Mahmoud	2026-06-01 08:59:00 (2 weeks ago)		Bad Web Bot Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-05-29 03:11:31 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 74.7.227.58 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.227.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 23:11:27.972071 2026] [security2:error] [pid 19078:tid 19078] [client 74.7.227.58:52434] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.jerryfeil.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jerryfeil.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ahkD31FO_EJ72J99wDxVDAAAAA0"], referer: https://www.jerryfeil.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 234 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.238

🇮🇳 152.32.156.138

🇺🇸 150.107.38.141

🇮🇳 106.215.145.16

🇳🇱 93.123.72.183

🇳🇱 64.188.77.26

🇸🇬 47.84.142.16

🇧🇷 20.206.64.115

🇺🇸 3.130.168.2

🇳🇱 195.178.110.30

🇧🇷 191.35.128.147

🇨🇳 183.61.189.192

🇧🇷 177.45.198.181

🇺🇸 162.216.150.157

🇵🇰 119.152.245.241

🇨🇳 119.91.20.139

🇭🇰 101.36.109.144

🇷🇴 92.118.39.211

🇺🇸 91.230.168.1

🇨🇦 85.217.149.67