JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.189

104.207.49.189 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 49%: ?

49%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.189

Whois 104.207.49.189

IP Abuse Reports for 104.207.49.189:

This IP address has been reported a total of 148 times from 24 distinct sources. 104.207.49.189 was first reported on June 11th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 NetShield-DE	2026-06-22 04:08:08 (1 hour ago)	Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-22T ... show more Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-22T06:07:01+0200. Last: 2026-06-22T06:07:01+0200. Samples: - 2026-06-21 07:44:57,829 fail2ban.actions [3599610]: NOTICE [abuseipdb] Ban 104.207.49.189 show less	Web App Attack
🇩🇪 NetShield-DE	2026-06-21 23:08:08 (6 hours ago)	Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-22T ... show more Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-22T01:07:02+0200. Last: 2026-06-22T01:07:02+0200. Samples: - 2026-06-21 07:44:57,829 fail2ban.actions [3599610]: NOTICE [abuseipdb] Ban 104.207.49.189 show less	Web App Attack
🇲🇹 Malta	2026-06-20 07:52:22 (1 day ago)	104.207.49.189 - - [20/Jun/2026:09:52:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 104.207.49.189 - - [20/Jun/2026:09:52:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0" show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-19 21:45:08 (2 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 tecnicorioja	2026-06-13 22:00:40 (1 week ago)	wp-login attack [13/Jun/2026:03:26:34	Brute-Force Web App Attack
Anonymous	2026-06-13 11:48:50 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=tmg.gr; logs=/var/log/httpd/domains/tmg.gr.log; sample ... show more [server.tmg.gr] httpd-login-spray-site: sites=tmg.gr; logs=/var/log/httpd/domains/tmg.gr.log; samples=site_wide=true \| distinct_ips=15 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-11 22:25:41 (1 week ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-10 22:25:40 (1 week ago)		Brute-Force Web App Attack
🇷🇴 SpamStopper	2026-06-10 16:19:48 (1 week ago)	Fail2Ban - WordPress Hard - Repeated attempts to force authentication and privilege escalation	Brute-Force Web App Attack
🇨🇭 backslash	2026-05-23 05:03:08 (4 weeks ago)		Bad Web Bot
🇦🇺 afleventoffice.com.au	2026-05-13 14:47:53 (1 month ago)	GET /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings HTTP/1.1	Web App Attack
🇬🇧 knock	2026-05-06 22:59:47 (1 month ago)	Knock-Knock honeypot brute-force: proto8 (1 total hits)	Brute-Force
🇨🇳 ThreatBook.io	2026-04-23 23:10:17 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/104.207.49.189 2026-04-23 0 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/104.207.49.189 2026-04-23 06:40:36 /whmcs 2026-04-23 06:35:36 /webapp/examples/showCfg 2026-04-23 06:47:00 /.git/ 2026-04-23 06:34:50 /estore/annotated-index.html 2026-04-23 06:35:34 /webapp/examples/HelloPervasive 2026-04-23 06:35:29 /shell 2026-04-23 06:35:32 /base 2026-04-23 06:35:27 /statistics.jsp 2026-04-23 06:35:38 /.git/../../WEB-INF/web.xml? show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:43:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:43:30.107149 2025] [security2:error] [pid 14129:tid 14129] [client 104.207.49.189:53465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.villandance.com"] [uri "/.env"] [unique_id "aSVCAmzc5QVDMRX0ID4itwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:43:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:43:41.140483 2025] [security2:error] [pid 27669:tid 27669] [client 104.207.49.189:27947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.estellenussbaum.com"] [uri "/.svn/wc.db"] [unique_id "aSUz_Zx47z8SqisMp6bjSQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.98.122.37

🇯🇲 216.10.217.26

🇺🇸 205.210.31.100

🇧🇪 198.235.24.230

🇳🇱 193.176.31.237

🇺🇸 184.105.247.238

🇺🇸 143.110.132.95

🇧🇷 131.196.29.202

🇸🇴 102.218.10.150

🇨🇦 85.217.149.41

🇸🇬 84.75.155.145

🇳🇱 45.92.1.134

🇧🇾 37.214.16.156

🇺🇸 20.29.21.127

🇮🇩 202.58.76.167

🇨🇳 182.54.23.10

🇳🇱 178.128.246.158

🇮🇳 163.61.66.8

🇷🇴 141.98.83.48

🇰🇷 121.125.70.58