JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.7.243.243

74.7.243.243 was found in our database!

This IP was reported 234 times. Confidence of Abuse is 76%: ?

76%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.7.243.243

Whois 74.7.243.243

IP Abuse Reports for 74.7.243.243:

This IP address has been reported a total of 234 times from 78 distinct sources. 74.7.243.243 was first reported on November 19th 2025, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-21 16:36:52 (10 hours ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.243 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.243 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇹🇭 MWA SOC	2026-06-20 16:54:45 (1 day ago)		Hacking
🇮🇹 eliosbrocchi	2026-06-20 07:05:10 (1 day ago)	74.7.243.243 - - [20/Jun/2026:09:05:09 +0200] "GET / HTTP/2.0" 200 2116 "-" "Mozilla/5.0 AppleWebKit ... show more 74.7.243.243 - - [20/Jun/2026:09:05:09 +0200] "GET / HTTP/2.0" 200 2116 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" ... show less	VPN IP
🇩🇪 maxpower	2026-06-19 12:52:23 (2 days ago)	(junkbot) REGOLA 8 - Junk Bot Blocked 74.7.243.243 (US/United States/-): 1 in the last 3600 secs; Po ... show more (junkbot) REGOLA 8 - Junk Bot Blocked 74.7.243.243 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 74.7.243.243 - - [19/Jun/2026:14:52:21 +0200] "GET / HTTP/2.0" 301 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.4; +https://openai.com/gptbot)" "-" host=www.albavisual.mlocale.com show less	Port Scan
Anonymous	2026-06-18 13:49:59 (3 days ago)	[server.tmg.gr] httpd-volume-flood: sites=amli2018.com; logs=/var/log/httpd/domains/amli2018.com.log ... show more [server.tmg.gr] httpd-volume-flood: sites=amli2018.com; logs=/var/log/httpd/domains/amli2018.com.log; samples=reason=high volume + broad scan: 252 reqs (>= 240), 249 distinct dynamic URIs (>= 60) \| /a19/ \| /?p=6732 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 04:01:16 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 00:01:12.347071 2026] [security2:error] [pid 13241:tid 13241] [client 74.7.243.243:56970] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|crr-construction.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "crr-construction.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajNtiEI9ESwlMIyMEZcKKwAAABs"], referer: https://crr-construction.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 20:47:46 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 16:47:42.665747 2026] [security2:error] [pid 15275:tid 15275] [client 74.7.243.243:38124] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.bradleybarefoot.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bradleybarefoot.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajMH7lY3fqRitnQ8pRFGFwAAAAs"], referer: https://www.bradleybarefoot.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-17 19:35:43 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 Site.eu	2026-06-14 13:53:42 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 4server	2026-06-12 17:08:18 (1 week ago)	[FriJun1219:08:14.4108162026][security2:error][pid4027856:tid4027873][client74.7.243.243:0]ModSecuri ... show more [FriJun1219:08:14.4108162026][security2:error][pid4027856:tid4027873][client74.7.243.243:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\(\\\\\\\\w \)\(\?:user\\|and\)\(\\\\\\\\w \)char\?\\\\\\\\\([0-9]\\|\(\?:execute\\|convert\)\?\\\\\\\\\(.{1\,300}\\\\\\\\\)\\|\;\?delete.{1\,200}\;\?\(\?:insert\\|declare\\|varchar\)\?\\|\\\\\\\\b\(\?:drop\\|create\)\\\\\\\\b\(\\\\\\\\w \)table\\|\(\?:declare\\|convert\).{1\,200}varchar\\\\\\\\\(\\|null\?\,\?null\?\,\?\(accesslevel\\|user_\?name\)\?\,\\|conc...\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_rules/11_asl_adv_rules.conf\"][line\"153\"][id\"360148\"][rev\"7\"][msg\"Atomicorp.comWAFRules:AdvancedSQLevasionprotection\"][data\"concat\(\"][severity\"CRITICAL\"][tag\"SQLi\"][hostname\"avcolor.ch\"][uri\"/\\\\\"\\\\\".concat\(thisClass.urlEncode\(image.src\\|\\|image.thumb\\|\\|\'\'\)\,\\\\\"/\\\\\"\"][unique_id\"aiw8_hmOXbs6oPOLlZIvqQAAAAU\"]\,referer:https://avcolor.ch/js/a188dda188430008f0a06774869ed93d-bundle.js\?ts=20250212111252 show less	Port Scan Brute-Force Web App Attack
🇪🇸 librebit	2026-06-05 02:47:20 (2 weeks ago)	Brute force	Brute-Force
🇦🇹 Pingger Shikkoken	2026-06-02 01:20:50 (2 weeks ago)	2026-06-02T01:20:50+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-02T01:20:50+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=74.7.243.243 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=20291 DF PROTO=TCP SPT=38436 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 2026-06-02T01:20:51+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=74.7.243.243 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=20292 DF PROTO=TCP SPT=38436 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 2026-06-02T01:20:53+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=74.7.243.243 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=20293 DF PROTO=TCP SPT=38436 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-29 20:26:02 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 16:25:54.528412 2026] [security2:error] [pid 31812:tid 31812] [client 74.7.243.243:55280] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.humbliaslaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.humbliaslaw.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ahn2UkwR5R6xvLQxVNUSmAAAAA8"], referer: http://www.humbliaslaw.com/author/admin/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-29 00:43:27 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.243 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 74.7.243.243 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-05-28 15:58:50 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 74.7.243.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 11:58:46.824076 2026] [security2:error] [pid 19695:tid 19695] [client 74.7.243.243:53222] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.danharrisphotoart.com\|F\|2"] [data ".siberianpictures.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.danharrisphotoart.com"] [uri "/www.siberianpictures.com"] [unique_id "ahhmNloO9dRUstelfOdBPgAAAAc"], referer: http://www.danharrisphotoart.com/links.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 234 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 185.166.25.150

🇫🇮 178.20.210.208

🇫🇷 163.70.128.174

🇨🇱 129.222.172.38

🇰🇷 106.246.224.218

🇺🇸 98.92.208.52

🇺🇸 86.111.176.100

🇳🇱 85.11.167.11

🇩🇪 64.89.163.80

🇺🇸 2604:a880:400:d1:0:4:9e83:7001

🇩🇪 213.209.159.242

🇵🇸 188.225.228.153

🇬🇧 185.247.137.119

🇳🇱 175.110.112.8

🇺🇸 98.223.193.156

🇲🇰 46.217.217.86

🇧🇪 34.156.1.173

🇳🇱 185.191.126.221

🇫🇷 185.177.72.17

🇮🇳 172.217.34.153