JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 148.72.209.74

148.72.209.74 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 98%: ?

98%

ISP	GoDaddy.com, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26496
Hostname(s)	74.209.72.148.host.secureserver.net
Domain Name	godaddy.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 148.72.209.74

Whois 148.72.209.74

IP Abuse Reports for 148.72.209.74:

This IP address has been reported a total of 19 times from 16 distinct sources. 148.72.209.74 was first reported on June 15th 2026, and the most recent report was 24 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 sdos.es	2026-06-16 02:29:48 (24 minutes ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
🇧🇪 sid3windr	2026-06-16 02:09:04 (45 minutes ago)	GET /.git/config (Tarpitted for , wasted 120B)	Web App Attack
🇦🇺 AWW-Admin	2026-06-16 01:04:36 (1 hour ago)	(mod_security) mod_security triggered on hostname [redacted] 148.72.209.74 (SG/Singapore/74.209.72.1 ... show more (mod_security) mod_security triggered on hostname [redacted] 148.72.209.74 (SG/Singapore/74.209.72.148.host.secureserver.net) show less	SQL Injection
🇷🇸 Scan	2026-06-16 00:04:22 (2 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 MPL	2026-06-16 00:02:06 (2 hours ago)	tcp port scan (7 or more attempts)	Port Scan
🇳🇱 Savvii	2026-06-15 23:10:20 (3 hours ago)	20 attempts against mh-misbehave-ban on tin	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NXTwoThou	2026-06-15 21:58:20 (4 hours ago)	/___proxy_subdomain_whm/login/%3Flogin_only=1	Web App Attack
🇺🇸 drewf.ink	2026-06-15 19:10:36 (7 hours ago)	[19:10] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇳🇱 Savvii	2026-06-15 18:37:20 (8 hours ago)	15 attempts against mh-modsecurity-ban on orcus	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 18:34:21 (8 hours ago)	148.72.209.74 - - [15/Jun/2026:21:34:17 +0300] "GET /.env HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Macint ... show more 148.72.209.74 - - [15/Jun/2026:21:34:17 +0300] "GET /.env HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" 148.72.209.74 - - [15/Jun/2026:21:34:20 +0300] "GET /wp-config.php HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇷 dynamix	2026-06-15 17:53:50 (9 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 17:20:06 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 148.72.209.74 (74.209.72.148.host.secureserver. ... show more (mod_security) mod_security (id:210492) triggered by 148.72.209.74 (74.209.72.148.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:19:59.910970 2026] [security2:error] [pid 16831:tid 16831] [client 148.72.209.74:50602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.63"] [uri "/.git/HEAD"] [unique_id "ajA0P0nhe1Q0iAMxcg_CQgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-15 17:09:02 (9 hours ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx02,mx03]	Bad Web Bot Web App Attack
🇩🇪 evilrave	2026-06-15 16:20:32 (10 hours ago)	148.72.209.74 - - [15/Jun/2026:16:20:31 +0000] "GET /.git/HEAD HTTP/1.1" 444 0 Host="[REDACTED_IP]" ... show more 148.72.209.74 - - [15/Jun/2026:16:20:31 +0000] "GET /.git/HEAD HTTP/1.1" 444 0 Host="[REDACTED_IP]" SNI="-" ... show less	Bad Web Bot
🇬🇧 thetomtaylor.co.uk	2026-06-15 16:08:01 (10 hours ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 118.33.113.91

🇨🇳 113.93.109.152

🇺🇸 100.49.117.77

🇬🇧 87.236.176.107

🇺🇸 66.132.186.171

🇺🇸 63.141.245.60

🇬🇧 35.203.211.233

🇹🇼 211.21.61.225

🇵🇰 182.190.218.6

🇺🇸 173.255.242.196

🇺🇸 147.182.218.133

🇹🇭 147.50.227.79

🇻🇳 113.170.224.249

🇨🇳 112.113.130.102

🇱🇻 104.165.205.15

🇮🇳 103.248.120.6

🇮🇩 103.180.118.90

🇺🇸 91.230.168.189

🇲🇾 47.250.141.6

🇰🇪 41.89.96.242