JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.74.74.185

202.74.74.185 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 100%: ?

100%

ISP	PT Global Port Binekatara
Usage Type	Data Center/Web Hosting/Transit
ASN	AS133800
Hostname(s)	ip-185-74-74-202.wjv-1.biznetg.io
Domain Name	globalport.net.id
Country	🇮🇩 Indonesia
City	Bogor, West Java

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.74.74.185

Whois 202.74.74.185

IP Abuse Reports for 202.74.74.185:

This IP address has been reported a total of 39 times from 25 distinct sources. 202.74.74.185 was first reported on March 1st 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 abuseiphack	2026-06-16 18:41:32 (2 days ago)	Automatic report for brute force attack	Web App Attack
🇳🇴 jad-abuse	2026-06-16 15:14:05 (2 days ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. O ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 3 hits. show less	Web App Attack
🇧🇷 Halux	2026-06-15 22:34:51 (3 days ago)	202.74.74.185 Probing protected path or service	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 20:28:55 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.i ... show more (mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:28:49.410895 2026] [security2:error] [pid 11453:tid 11453] [client 202.74.74.185:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.top-brand.us"] [uri "/.env"] [unique_id "ajBggUHoGMDWtg53F2KVZgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 sdos.es	2026-06-15 15:50:27 (3 days ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
Anonymous	2026-06-15 14:52:08 (3 days ago)	Bot / scanning and/or hacking attempts: GET /users/sign_in HTTP/1.1, GET /.env HTTP/1.1, GET / HTTP/ ... show more Bot / scanning and/or hacking attempts: GET /users/sign_in HTTP/1.1, GET /.env HTTP/1.1, GET / HTTP/1.1 show less	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-06-15 08:48:49 (3 days ago)	202.74.74.185 - - [15/Jun/2026:11:45:27 +0300] "GET /.env HTTP/1.1" 404 505 "-" "Mozilla/5.0 (Window ... show more 202.74.74.185 - - [15/Jun/2026:11:45:27 +0300] "GET /.env HTTP/1.1" 404 505 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 202.74.74.185 - - [15/Jun/2026:11:48:48 +0300] "GET /.env HTTP/1.1" 404 730 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" ... show less	Web App Attack
🇩🇪 keep_out	2026-06-15 03:47:01 (3 days ago)	89-nginx-404 ...	Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-15 03:15:15 (3 days ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-06-14 19:18:19 (4 days ago)		Web App Attack
🇺🇸 interbiznw.com	2026-06-14 08:33:20 (4 days ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 05:20:30 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.i ... show more (mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:20:22.575462 2026] [security2:error] [pid 20252:tid 20252] [client 202.74.74.185:57844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.reparcol.es"] [uri "/.env"] [unique_id "ai46FoKjnJWiV19vfIzyPwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:52:22 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.i ... show more (mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:52:14.032755 2026] [security2:error] [pid 3947:tid 3947] [client 202.74.74.185:44750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ea2cdy.es"] [uri "/.env"] [unique_id "ai4zfhqJEBW7Rlzn_3w2bwAAAG0"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-06-14 02:38:45 (4 days ago)	Probing for .env file: 202.74.74.185 - - [14/Jun/2026:04:38:43 +0200] "GET /.env HTTP/1.1" 403 548 " ... show more Probing for .env file: 202.74.74.185 - - [14/Jun/2026:04:38:43 +0200] "GET /.env HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 21:24:52 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.i ... show more (mod_security) mod_security (id:210492) triggered by 202.74.74.185 (ip-185-74-74-202.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 17:24:46.227662 2026] [security2:error] [pid 8379:tid 8389] [client 202.74.74.185:51568] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dcs.co.id"] [uri "/.env"] [unique_id "ai3Knnd9jeNXhQzxyjfQ7gAAAUY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 67.213.119.29

🇺🇸 216.218.206.109

🇬🇧 213.166.84.46

🇺🇸 208.84.102.181

🇵🇱 194.180.49.56

🇷🇺 188.243.182.199

🇺🇸 184.105.139.96

🇺🇸 173.252.127.141

🇯🇵 161.33.10.83

🇫🇮 104.245.242.165

🇯🇵 102.204.223.186

🇫🇮 95.214.9.217

🇺🇸 86.104.195.76

🇨🇦 85.217.149.8

🇦🇹 85.124.207.102

🇨🇱 68.211.177.55

🇰🇷 59.8.48.41

🇬🇧 45.198.224.46

🇳🇱 45.142.193.18

🇺🇸 45.132.227.75