JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 74.208.125.4

74.208.125.4 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	IONOS Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8560
Hostname(s)	ip74-208-125-4.pbiaas.com
Domain Name	ionos.com
Country	🇺🇸 United States of America
City	Kansas City, Missouri

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 74.208.125.4

Whois 74.208.125.4

IP Abuse Reports for 74.208.125.4:

This IP address has been reported a total of 22 times from 19 distinct sources. 74.208.125.4 was first reported on December 8th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 polycoda	2026-03-25 13:26:21 (2 months ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based)	Hacking Web App Attack
🇩🇪 todix	2026-03-25 13:22:45 (2 months ago)	Web App Attack Exploid from 74.208.125.4	Web App Attack
🇩🇪 big-cloud.nl	2026-03-25 13:19:30 (2 months ago)	Try to access /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 13:17:54 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 74.208.125.4 (ip74-208-125-4.pbiaas.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 74.208.125.4 (ip74-208-125-4.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 09:17:47.412553 2026] [security2:error] [pid 19939:tid 19939] [client 74.208.125.4:56826] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "indiahouseportland.com"] [uri "/.env"] [unique_id "acPgexryooWrhgk7dfSgQQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-03-25 13:17:27 (2 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇩🇪 Lino Project	2026-03-25 13:14:02 (2 months ago)	74.208.125.4 - - [25/Mar/2026:14:11:00 +0100] "GET /.env HTTP/1.1" 403 3906 "-" "Mozilla/5.0 (Window ... show more 74.208.125.4 - - [25/Mar/2026:14:11:00 +0100] "GET /.env HTTP/1.1" 403 3906 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 74.208.125.4 - - [25/Mar/2026:14:14:01 +0100] "GET /.env HTTP/1.1" 403 4065 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-03-25 13:08:35 (2 months ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-03-25 13:06:14 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 mnsf	2026-03-25 13:05:29 (2 months ago)	Scanning/Probing (17)	Brute-Force Web App Attack
Anonymous	2026-03-25 13:05:02 (2 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 12:58:20 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 74.208.125.4 (ip74-208-125-4.pbiaas.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 74.208.125.4 (ip74-208-125-4.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 08:58:13.431722 2026] [security2:error] [pid 29029:tid 29029] [client 74.208.125.4:51029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beirutbazar.com"] [uri "/.env"] [unique_id "acPb5cpvbF7NVp1v4dIiOwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-03-25 12:49:23 (2 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 interbiznw.com	2026-03-25 12:45:36 (2 months ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 12:41:18 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 74.208.125.4 (ip74-208-125-4.pbiaas.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 74.208.125.4 (ip74-208-125-4.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 08:41:11.845292 2026] [security2:error] [pid 21993:tid 21993] [client 74.208.125.4:53872] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goldcountrygermanamericanclub.org"] [uri "/.env"] [unique_id "acPX59YiRCU_lyrNOr1cFQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 Halux	2026-03-25 12:36:32 (2 months ago)	74.208.125.4 Probing protected path or service	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.87

🇺🇸 66.132.195.90

🇨🇳 220.205.123.57

🇯🇵 218.219.234.85

🇺🇸 205.210.31.65

🇰🇿 178.91.48.62

🇨🇳 112.94.252.107

🇨🇦 85.217.149.42

🇮🇩 43.165.194.10

🇧🇷 190.115.84.25

🇻🇳 103.149.28.30

🇮🇪 52.17.24.108

🇳🇱 45.148.10.157

🇪🇬 41.33.91.226

🇺🇸 18.119.11.219

🇺🇸 13.89.125.19

🇭🇰 165.154.6.75

🇨🇳 125.126.197.44

🇳🇱 45.148.10.151

🇮🇩 43.230.5.42