JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.241.25

74.7.241.25 was found in our database!

This IP was reported 271 times. Confidence of Abuse is 75%: ?

75%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.241.25

Whois 74.7.241.25

IP Abuse Reports for 74.7.241.25:

This IP address has been reported a total of 271 times from 81 distinct sources. 74.7.241.25 was first reported on November 19th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-20 06:05:41 (6 hours ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 NotCool	2026-06-19 16:13:28 (20 hours ago)	(CRAWLDELAY) Generic Bot Crawl-delay Violation 74.7.241.25 (US/United States/-): 50 in the last 3600 ... show more (CRAWLDELAY) Generic Bot Crawl-delay Violation 74.7.241.25 (US/United States/-): 50 in the last 3600 secs show less	Bad Web Bot
🇫🇷 masterguru	2026-06-18 05:04:54 (2 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.25 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.25 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 server_administrator	2026-06-17 12:34:17 (2 days ago)	Automated blocking: 1174 requests in 1200s detected by server monitoring	Web App Attack
🇩🇪 MarkGGN	2026-06-15 09:30:35 (5 days ago)	Web attack. 74.7.241.25 - - [15/Jun/2026:11:30:34 +0200] "GET /wp-json/wp/v2/tags/2183 HTTP/2.0" 200 ... show more Web attack. 74.7.241.25 - - [15/Jun/2026:11:30:34 +0200] "GET /wp-json/wp/v2/tags/2183 HTTP/2.0" 200 283 "https://www.*/?tag=hakarl" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 01:32:21 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:32:16.642996 2026] [security2:error] [pid 10700:tid 10718] [client 74.7.241.25:52064] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|piazzala.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "piazzala.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ai9WIO_Ur0mU4xGvlGh7KwAAAQE"], referer: http://piazzala.com/author/admin-2-2-2-2-2-2-2-2-2-2/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 20:35:50 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:35:44.651440 2026] [security2:error] [pid 26483:tid 26483] [client 74.7.241.25:57158] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.tonytremblayauthor.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tonytremblayauthor.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ai8QoBVCTRN5nVh4CzytwgAAABE"], referer: http://www.tonytremblayauthor.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 server_administrator	2026-06-14 11:52:25 (6 days ago)	Automated blocking: 882 requests in 1200s detected by server monitoring	Web App Attack
🇺🇸 Vano Ganzzz	2026-06-12 15:25:01 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corpora ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corporation) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-06-12T15:25:01Z Ray ID: a0a9dda55b2748cf UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot) show less	Bad Web Bot
🇫🇷 masterguru	2026-06-12 11:00:04 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.25 (US/United States/-): 2 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.25 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇩🇪 MarkGGN	2026-06-12 09:39:52 (1 week ago)	Web attack. 74.7.241.25 - - [12/Jun/2026:11:39:51 +0200] "GET /wp-json/wp/v2/posts/31525 HTTP/2.0" 2 ... show more Web attack. 74.7.241.25 - - [12/Jun/2026:11:39:51 +0200] "GET /wp-json/wp/v2/posts/31525 HTTP/2.0" 200 7120 "https://www./?p=31525" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.241.25 - - [12/Jun/2026:11:39:51 +0200] "GET /wp-json/wp/v2/posts/31524 HTTP/2.0" 200 9046 "https://www./?p=31524" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" show less	Web App Attack
🇩🇪 server_administrator	2026-06-11 06:51:00 (1 week ago)	Automated blocking: 2620 requests in 1200s detected by server monitoring	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:20:51 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:20:46.175881 2026] [security2:error] [pid 30534:tid 30534] [client 74.7.241.25:58218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nessmonsters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nessmonsters.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ainHHi-hqIIwJy1fjQQ_hQAAAAY"], referer: https://nessmonsters.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:54:23 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:54:20.081759 2026] [security2:error] [pid 5312:tid 5312] [client 74.7.241.25:52912] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|williamfitzsimmons.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/news/224-spring-solo-tour-new-album/citywinery.com"] [unique_id "aif-7NwOOEcgpi-4LbP6OwAAABw"], referer: http://williamfitzsimmons.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:21:29 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:21:26.189754 2026] [security2:error] [pid 25142:tid 25142] [client 74.7.241.25:54306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.hawaiivacations.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.hawaiivacations.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aif3Numu3y5x5banxlPulwAAABM"], referer: http://www.hawaiivacations.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 271 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇦🇷 186.148.224.183

🇺🇸 162.216.149.28

🇮🇳 144.16.223.166

🇩🇪 128.1.120.149

🇨🇳 119.45.160.218

🇺🇸 104.28.245.40

🇳🇱 91.213.13.54

🇺🇸 47.253.149.245

🇳🇱 45.148.10.152

🇳🇱 45.148.10.151

🇸🇬 43.133.61.150

🇺🇸 205.210.31.36

🇨🇳 203.56.46.78

🇸🇪 195.178.191.5

🇩🇪 167.94.145.30

🇬🇧 152.32.198.210

🇺🇸 82.117.86.127

🇩🇪 64.226.124.37

🇨🇳 223.152.27.43