JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.243.218

74.7.243.218 was found in our database!

This IP was reported 267 times. Confidence of Abuse is 87%: ?

87%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.243.218

Whois 74.7.243.218

IP Abuse Reports for 74.7.243.218:

This IP address has been reported a total of 267 times from 82 distinct sources. 74.7.243.218 was first reported on November 19th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 server_administrator	2026-06-17 16:41:48 (8 hours ago)	Automated blocking: 1184 requests in 1200s detected by server monitoring	Web App Attack
🇲🇹 neilcaruana	2026-06-17 13:34:18 (11 hours ago)	Sentinel detected an attack on port [443]	Hacking
🇹🇭 MWA SOC	2026-06-17 06:32:12 (18 hours ago)		Hacking
🇺🇸 TPI-Abuse	2026-06-16 07:29:16 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:29:09.558493 2026] [security2:error] [pid 21297:tid 21297] [client 74.7.243.218:46722] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.naturalacu.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.naturalacu.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajD7RQNZ67fWogqO8aYn1QAAABA"], referer: http://www.naturalacu.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Charlesiv	2026-06-16 06:17:18 (1 day ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corpora ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corporation) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-06-16T05:49:38Z Ray ID: a0c7884d9ab5e774 UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot) show less	Bad Web Bot
🇹🇭 MWA SOC	2026-06-16 04:50:24 (1 day ago)		Hacking
🇳🇱 Site.eu	2026-06-16 01:58:05 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 n2nguyenn2nguyen	2026-06-15 12:43:09 (2 days ago)	Blocked by YFC Security on https://brixzly.com — type: rapid_scan_attempts	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 03:35:28 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:35:23.267891 2026] [security2:error] [pid 17027:tid 17027] [client 74.7.243.218:58146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|36sovereignchambers.com\|F\|2"] [data ".arubabetcasinofrance.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "36sovereignchambers.com"] [uri "/2026/04/14/plongee-dans-lunivers-vibrant-daruba-bet-casino-en-ligne/www.arubabetcasinofrance.com"] [unique_id "ai9y-ybYhYQgQMbuFOnwTAAAAAc"], referer: https://36sovereignchambers.com/2026/04/14/plongee-dans-lunivers-vibrant-daruba-bet-casino-en-ligne/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-14 17:23:21 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 20:53:34 (4 days ago)	(mod_security) mod_security (id:210730) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:53:28.770323 2026] [security2:error] [pid 24381:tid 24381] [client 74.7.243.218:58606] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cajunpicasso.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cajunpicasso.com"] [uri "/sunnyside-of-the-blues/[email protected]"] [unique_id "ai3DSK7CFTXQs0KSn5uwPAAAABY"], referer: http://www.cajunpicasso.com/gallery/sunnyside-of-the-blues show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-06-12 18:05:37 (5 days ago)	74.7.243.218 - - [13/Jun/2026:04:04:57 +1000] "GET /mirrorlist HTTP/2.0" 200 456 "https://private.ar ... show more 74.7.243.218 - - [13/Jun/2026:04:04:57 +1000] "GET /mirrorlist HTTP/2.0" 200 456 "https://private.aranguren.org/" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.243.218 - - [13/Jun/2026:04:05:08 +1000] "GET /Health/ HTTP/2.0" 200 452 "https://private.aranguren.org/" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.243.218 - - [13/Jun/2026:04:05:23 +1000] "GET /Health/?C=N;O=D HTTP/2.0" 200 452 "https://private.aranguren.org/Health/" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.243.218 - - [13/Jun/2026:04:05:24 +1000] "GET /Health/?C=S;O=A HTTP/2.0" 200 452 "https://private.aranguren.org/Health/" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" 74.7.243.218 - - [13/Jun/2026:04:05:36 +1000] "GET /Health/?C=N;O=A HTTP/2.0" 200 452 "https://private. ... show less	Bad Web Bot
🇫🇷 masterguru	2026-06-12 17:29:36 (5 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.218 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.218 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 Charlesiv	2026-06-12 12:08:50 (5 days ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corpora ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK ASN: 8075 (Microsoft Corporation) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2026-06-12T10:18:12Z Ray ID: a0a81c330db0651a UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-12 12:04:29 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:04:22.046957 2026] [security2:error] [pid 3853:tid 3925] [client 74.7.243.218:36330] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.iancaird.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.iancaird.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aiv1xg5LDiSAiA4Im3n9NQAAAkQ"], referer: https://www.iancaird.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 267 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 91.92.40.12

🇩🇪 69.5.169.93

🇺🇸 216.25.89.124

🇧🇪 198.235.24.163

🇰🇷 182.210.76.170

🇩🇪 167.94.146.46

🇳🇪 154.127.86.8

🇨🇳 125.75.125.193

🇮🇩 103.188.177.46

🇧🇩 103.112.62.144

🇷🇺 81.22.51.64

🇩🇪 62.113.198.26

🇨🇿 46.135.100.183

🇳🇱 45.148.10.183

🇳🇱 45.148.10.157

🇸🇬 45.78.198.199

🇨🇳 223.157.12.1

🇨🇳 221.10.187.253

🇺🇸 216.180.246.167

🇺🇸 193.202.81.198