JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.241.59

74.7.241.59 was found in our database!

This IP was reported 269 times. Confidence of Abuse is 72%: ?

72%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.241.59

Whois 74.7.241.59

IP Abuse Reports for 74.7.241.59:

This IP address has been reported a total of 269 times from 87 distinct sources. 74.7.241.59 was first reported on November 19th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-22 21:33:17 (4 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.59 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.59 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 Charlesiv	2026-06-22 16:00:25 (9 hours ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corpora ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corporation) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-06-22T15:35:01Z Ray ID: a0fc520768d36d3d UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot) show less	Bad Web Bot
🇺🇸 Charlesiv	2026-06-20 16:06:51 (2 days ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corpora ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corporation) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-06-20T14:10:50Z Ray ID: a0eb5bf99c1f6a00 UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot) show less	Bad Web Bot
🇫🇷 masterguru	2026-06-19 09:44:02 (3 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.59 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.241.59 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-19 04:09:35 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 00:09:30.059036 2026] [security2:error] [pid 30183:tid 30186] [client 74.7.241.59:42122] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.aafm.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.aafm.org"] [uri "/http/charteredfinancialmanager.com"] [unique_id "ajTA-m7k8rJcHlm5w-pq2wAAAYE"], referer: https://mail.aafm.org/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 09:22:32 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:22:25.460373 2026] [security2:error] [pid 16631:tid 16631] [client 74.7.241.59:42626] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thewhispertwins.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thewhispertwins.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ai0hUXnJHBxUizP9cL-o_AAAAAQ"], referer: https://thewhispertwins.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 20:05:38 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 16:05:34.441812 2026] [security2:error] [pid 30573:tid 30573] [client 74.7.241.59:51416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.desarrollosdecolima.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.desarrollosdecolima.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "aixmjveRbAKcP2G9nRkgcAAAAAM"], referer: http://www.desarrollosdecolima.com/author/desniutech/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 17:15:19 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 13:15:14.107717 2026] [security2:error] [pid 23610:tid 23610] [client 74.7.241.59:47106] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.phantomquailkennel.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.phantomquailkennel.com"] [uri "/paypal.com"] [unique_id "aiw-otv8s3IdR7cIUiqwxQAAACI"], referer: https://www.phantomquailkennel.com/finished.html show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-06-12 15:36:56 (1 week ago)	HTTP vulnerability scanning	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 13:50:05 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:49:56.824538 2026] [security2:error] [pid 9104:tid 9104] [client 74.7.241.59:50216] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.circulodesonido.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.circulodesonido.org"] [uri "/wp-json/wp/v2/users/3"] [unique_id "aiwOhLpcDGvsfdFeXP0hvgAAAAQ"], referer: https://www.circulodesonido.org/author/admin-2/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 11:07:55 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:07:46.892792 2026] [security2:error] [pid 24903:tid 24903] [client 74.7.241.59:33132] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.smoothiessoupssalads.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.smoothiessoupssalads.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aivogkSNKjUD9vTSoS24UQAAAAo"], referer: https://www.smoothiessoupssalads.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-10 22:10:49 (1 week ago)	Aggressive web search of vulnerable pages: /hk-wiki/index.php/Bluebook /hk-wiki/index.php/StarsOfCal ... show more Aggressive web search of vulnerable pages: /hk-wiki/index.php/Bluebook /hk-wiki/index.php/StarsOfCall:$1 /hk-wiki/index.php/H%27Rkann_(SoC) /hk ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 20:36:52 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.241.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:36:45.521795 2026] [security2:error] [pid 30437:tid 30437] [client 74.7.241.59:55710] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bahamascruisersguide.com\|F\|2"] [data ".greatmysterious.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bahamascruisersguide.com"] [uri "/Blogs-Websites/www.greatmysterious.com"] [unique_id "ainK3alZdCzBa39PZtVe3QAAABQ"], referer: http://bahamascruisersguide.com/Blogs-Websites/Blogs-Websites.html show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-10 07:04:56 (1 week ago)	2.730 requests from abuseipdb.com blacklisted IP (1mo2w5d)	Brute-Force Bad Web Bot
🇫🇷 Dorian GRANDHAY	2026-06-06 06:39:26 (2 weeks ago)	(PERMBLOCK) 74.7.241.59 (US/United States/-) has had more than 4 temp blocks in the last 604800 secs ... show more (PERMBLOCK) 74.7.241.59 (US/United States/-) has had more than 4 temp blocks in the last 604800 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan

Showing 1 to 15 of 269 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 110.164.193.195

🇫🇮 2a00:1450:4010:c1c::12c

🇳🇱 193.176.31.152

🇨🇴 186.97.116.170

🇧🇷 179.48.242.54

🇳🇱 176.65.139.181

🇰🇿 149.27.89.129

🇺🇸 103.203.57.12

🇷🇺 91.219.151.244

🇺🇸 91.193.232.32

🇨🇦 85.217.149.9

🇷🇴 80.94.92.164

🇺🇸 74.125.224.45

🇺🇸 64.57.129.18

🇳🇱 34.178.2.66

🇫🇮 2a00:1450:4010:c0e::128

🇳🇱 172.235.173.150

🇺🇸 134.209.49.169

🇻🇳 113.179.111.227

🇰🇷 112.216.129.27