JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.148.5.49

104.148.5.49 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 0%: ?

ISP	Root Networks LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Domain Name	rootnetworks.com
Country	🇺🇸 United States of America
City	Las Vegas, Nevada

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.148.5.49

Whois 104.148.5.49

IP Abuse Reports for 104.148.5.49:

This IP address has been reported a total of 4 times from 3 distinct sources. 104.148.5.49 was first reported on January 1st 2024, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-02-21 13:16:46 (2 years ago)	Common attack or app scan event detected and blocked	Port Scan Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-01-26 22:15:27 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 104.148.5.49 (flejas.pallaced.live): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 104.148.5.49 (flejas.pallaced.live): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 17:15:24.073050 2024] [security2:error] [pid 5956] [client 104.148.5.49:50985] [client 104.148.5.49] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.stdavids-media.com"] [uri "/wp-config.php-backup"] [unique_id "ZbQu_BO6Si1jGqx5R1YEZgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-01-04 09:10:06 (2 years ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-01-01 20:47:56 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 104.148.5.49 (flejas.pallaced.live): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 104.148.5.49 (flejas.pallaced.live): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 01 15:45:05.713589 2024] [security2:error] [pid 21106:tid 47487675070208] [client 104.148.5.49:34397] [client 104.148.5.49] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autoconfig.kettlehill.com"] [uri "/.env"] [unique_id "ZZMkUZ836IgZLDlcCxWX1QAAARY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇳 197.240.124.29

🇹🇷 176.91.0.183

🇳🇱 176.65.139.41

🇮🇳 124.123.20.160

🇨🇳 121.89.82.2

🇨🇳 117.50.51.198

🇮🇩 103.83.237.25

🇵🇹 89.153.125.230

🇮🇪 74.234.76.171

🇺🇸 67.205.139.214

🇺🇸 66.132.186.178

🇺🇸 45.156.129.96

🇬🇧 31.14.254.30

🇺🇸 3.143.246.13

🇩🇪 213.209.159.10

🇰🇷 182.208.28.30

🇳🇱 172.94.9.166

🇦🇪 132.243.121.237

🇨🇳 113.218.179.205

🇬🇧 101.36.97.74