JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.1.206.48

74.1.206.48 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 67%: ?

67%

ISP	Internet Utilities NA LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS401339
Domain Name	iana.org
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.1.206.48

Whois 74.1.206.48

IP Abuse Reports for 74.1.206.48:

This IP address has been reported a total of 16 times from 11 distinct sources. 74.1.206.48 was first reported on June 24th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 dominioz	2026-06-25 22:27:45 (2 hours ago)	74.1.206.48 [65C0] 16:55:49 Authentication [SMTP] - Result=0, [email protected] ... show more 74.1.206.48 [65C0] 16:55:49 Authentication [SMTP] - Result=0, [email protected], Method=2 74.1.206.48 [7B04] 19:27:41 Authentication [SMTP] - Result=0, [email protected], Method=2 ... show less	Brute-Force
Anonymous	2026-06-25 21:06:05 (3 hours ago)	Trying to access config files	Web App Attack
🇧🇷 dominioz	2026-06-25 19:55:48 (4 hours ago)	74.1.206.48 [7B04] 14:36:31 Authentication [SMTP] - Result=0, [email protected] ... show more 74.1.206.48 [7B04] 14:36:31 Authentication [SMTP] - Result=0, [email protected], Method=2 74.1.206.48 [7B04] 14:36:35 Authentication [SMTP] - Result=0, [email protected], Method=2 74.1.206.48 [65C0] 16:55:44 Authentication [SMTP] - Result=0, [email protected], Method=2 ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 16:28:11 (8 hours ago)	(mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 12:28:04.884457 2026] [security2:error] [pid 10372:tid 10372] [client 74.1.206.48:38550] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cinziallc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cinziallc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aj1XFGF0P2yJESqqidjYawAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Touzeau	2026-06-25 14:21:51 (10 hours ago)		Email Spam
🇷🇸 Smel	2026-06-25 11:04:49 (13 hours ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇷🇺 saiva	2026-06-25 09:42:46 (15 hours ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
Anonymous	2026-06-25 04:30:54 (20 hours ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇧🇷 KingHost	2026-06-25 03:27:05 (21 hours ago)		Brute-Force
🇷🇺 DZBOT	2026-06-25 02:49:06 (21 hours ago)	DZBOT: Brute-force users IMAP/POP3	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 00:36:29 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:36:24.918784 2026] [security2:error] [pid 2623:tid 2623] [client 74.1.206.48:41640] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|smart1services.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "smart1services.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajx4CDozr5E6WYheEwxpRwAAAGI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 23:44:13 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:44:05.149073 2026] [security2:error] [pid 30310:tid 30331] [client 74.1.206.48:47164] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|3stepreviewforyou.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "3stepreviewforyou.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajxrxeygBQyqLGesFzRFLQAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 22:45:57 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:45:51.605656 2026] [security2:error] [pid 5044:tid 5044] [client 74.1.206.48:35280] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kelleysbridge.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kelleysbridge.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajxeH5pD2P7BmE6W7RvZGgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 11:43:28 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 74.1.206.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 07:43:24.884230 2026] [security2:error] [pid 7351:tid 7351] [client 74.1.206.48:57452] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|1stadvantageschool.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "1stadvantageschool.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvC3J2h-EsweHUHw1HN-wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 NewGastroline	2026-06-24 11:33:12 (1 day ago)	Malicious request blocked by CrowdSec on gastro-prod1.boreus.de	Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 190.119.168.226

🇷🇺 178.44.247.110

🇫🇷 161.97.177.17

🇸🇬 128.199.64.40

🇬🇧 123.58.207.81

🇲🇽 46.250.172.42

🇩🇪 43.228.157.9

🇺🇸 34.186.17.217

🇳🇱 31.42.176.142

🇨🇳 202.98.200.232

🇬🇧 188.240.59.59

🇯🇵 172.253.15.22

🇲🇽 149.232.132.25

🇫🇷 83.171.226.124

🇺🇸 66.132.195.27

🇭🇰 43.154.133.239

🇸🇬 43.134.42.6

🇯🇵 35.194.100.181

🇮🇳 34.131.203.205

🇩🇪 213.209.159.226