JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.242.61

74.7.242.61 was found in our database!

This IP was reported 239 times. Confidence of Abuse is 80%: ?

80%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.242.61

Whois 74.7.242.61

IP Abuse Reports for 74.7.242.61:

This IP address has been reported a total of 239 times from 81 distinct sources. 74.7.242.61 was first reported on November 20th 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-13 11:02:24 (6 hours ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-13 03:54:19 (13 hours ago)	Reported from Nginx log analysis 19. Log: 74.7.242.61 - - [13/Jun/2026:xx:xx:xx 0200] "GET / HTTP/2 ... show more Reported from Nginx log analysis 19. Log: 74.7.242.61 - - [13/Jun/2026:xx:xx:xx 0200] "GET / HTTP/2.0" xxx xxx "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; https://openai.com/gptbot)" "-" "US United States Atlanta" "AS8075" "Microsoft Corporation" show less	Port Scan Brute-Force SSH
🇩🇪 Viveronese	2026-06-12 15:36:52 (1 day ago)	HTTP vulnerability scanning	Web App Attack
🇫🇷 masterguru	2026-06-12 12:51:46 (1 day ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.242.61 (US/United States/-): 1 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.242.61 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇳🇱 Site.eu	2026-06-12 08:58:43 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 07:07:38 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 74.7.242.61 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.242.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:07:32.175817 2026] [security2:error] [pid 23448:tid 23448] [client 74.7.242.61:37840] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|apuntesdeinversion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "apuntesdeinversion.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "aipetE6GlSRY7JSjOGCmogAAAA0"], referer: https://apuntesdeinversion.com/author/jordi/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-08 01:48:32 (5 days ago)	Excessive multi-domain requests	Brute-Force
🇬🇧 pinguin	2026-06-04 01:20:23 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/2 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 Hugopvigo	2026-06-03 21:24:37 (1 week ago)	"2026-06-03 21:24:37+00:00 74.7.242.61 IP con score alto (78) detectada en el log."	Brute-Force SSH
🇫🇷 masterguru	2026-06-03 17:57:03 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.242.61 (US/United States/-): 2 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.242.61 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 cwytech	2026-06-03 02:59:02 (1 week ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-web-high.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 16:05:59 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 74.7.242.61 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.7.242.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 12:05:51.896463 2026] [security2:error] [pid 27197:tid 27197] [client 74.7.242.61:37220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.fiasdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fiasdesigns.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ah7_X3bavA0ez2ySWho2WwAAAAQ"], referer: https://www.fiasdesigns.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-02 14:08:04 (1 week ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 01:45:36 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 74.7.242.61 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 74.7.242.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 21:45:34.067888 2026] [security2:error] [pid 32072:tid 32072] [client 74.7.242.61:37164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.homebuilt.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.homebuilt.org"] [uri "/directory/[email protected]"] [unique_id "ah41vgZXABzP1xaEgArdTwAAABE"], referer: https://mail.homebuilt.org/directory/newglasair.html show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-01 05:10:30 (1 week ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.242.61 (US/United States/-): 2 i ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.242.61 (US/United States/-): 2 in the last 3600 secs (0-196) show less	Hacking

Showing 1 to 15 of 239 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 160.179.177.104

🇨🇳 123.129.245.249

🇷🇴 80.94.92.168

🇨🇳 59.52.103.169

🇺🇸 34.208.194.230

🇸🇬 193.37.32.110

🇺🇸 147.185.132.161

🇺🇸 107.172.88.206

🇮🇩 103.191.14.210

🇮🇩 202.145.0.61

🇳🇱 185.136.15.10

🇩🇪 167.94.146.53

🇨🇳 116.167.93.149

🇷🇴 92.118.39.225

🇨🇳 39.163.17.178

🇮🇳 34.93.241.217

🇮🇳 27.123.114.190

🇺🇸 209.87.149.26

🇩🇪 185.220.101.139

🇨🇳 115.231.78.11