JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.152

104.207.49.152 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.152

Whois 104.207.49.152

IP Abuse Reports for 104.207.49.152:

This IP address has been reported a total of 133 times from 13 distinct sources. 104.207.49.152 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-04-23 05:13:26 (1 month ago)	Form spam	Web Spam
🇺🇸 ambor	2026-04-22 21:15:19 (1 month ago)	Spam submission via ambor.com contact form. User-Agent: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/2 ... show more Spam submission via ambor.com contact form. User-Agent: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0. Timestamp: 2026-04-22T21:15:19.303Z show less	Web Spam
🇦🇺 oncord	2026-04-12 04:49:23 (1 month ago)	Form spam	Web Spam
🇩🇪 Lino Project	2026-04-09 22:03:37 (1 month ago)	104.207.49.152 - - [10/Apr/2026:00:03:36 +0200] "GET /xmlrpc.php HTTP/1.1" 403 3718 "https://rivivil ... show more 104.207.49.152 - - [10/Apr/2026:00:03:36 +0200] "GET /xmlrpc.php HTTP/1.1" 403 3718 "https://rivivilo.it/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-03-15 10:04:25 (2 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-20 00:16:30 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-19 00:32:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:32:10.663164 2026] [security2:error] [pid 24127:tid 24127] [client 104.207.49.152:53441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "votefordave.org"] [uri "/dev/.git/config"] [unique_id "aZZaClZq2XZvPY7fvlkGTgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-18 22:59:25 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-18	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-02-18 20:14:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:14:43.863671 2026] [security2:error] [pid 1093:tid 1093] [client 104.207.49.152:24935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "transmittersolution.com"] [uri "/.env.save"] [unique_id "aZYds-iVsK2BQixRQ20xiwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:49:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:49:33.678221 2026] [security2:error] [pid 932:tid 932] [client 104.207.49.152:13571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wendeeholtcamp.com"] [uri "/admin/.env"] [unique_id "aZW1XUw3mz8EdWa7WmnprwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:46:14.902123 2026] [security2:error] [pid 29941:tid 29941] [client 104.207.49.152:35965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "waltersnet.com"] [uri "/backend/.env"] [unique_id "aZWmhigjfbmc3lcXjNfngwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-01-26 17:36:38 (4 months ago)	Form spam	Web Spam
🇮🇩 Burayot	2026-01-03 16:51:42 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.152 (BR/Brazil/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.152 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:45:56 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:45:50.667334 2025] [security2:error] [pid 3440:tid 3440] [client 104.207.49.152:34175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "the-practical-pionus.com"] [uri "/.env"] [unique_id "aVBTjsk6Wo8KW5Qq8fqh7gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:20:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:20:34.395219 2025] [security2:error] [pid 28985:tid 28985] [client 104.207.49.152:16359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "socialalchemy.com"] [uri "/.svn/wc.db"] [unique_id "aVA_kqAvW5MRU_yo0wISGQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.9

🇬🇧 193.176.29.12

🇬🇧 188.240.59.35

🇮🇳 125.20.210.182

🇸🇬 103.216.221.94

🇩🇪 43.228.157.8

🇰🇷 34.64.253.234

🇺🇸 3.144.8.217

🇺🇸 2604:a880:400:d1:0:4:8bee:2001

🇬🇧 213.166.84.39

🇮🇹 212.66.99.54

🇵🇰 124.29.214.195

🇻🇳 123.24.206.213

🇹🇼 104.155.221.96

🇱🇹 91.224.92.32

🇺🇸 34.162.195.150

🇯🇵 34.97.154.235

🇬🇧 193.163.125.180

🇪🇨 186.5.76.93

🇱🇹 185.163.52.52