JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.149

104.207.58.149 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.149

Whois 104.207.58.149

IP Abuse Reports for 104.207.58.149:

This IP address has been reported a total of 147 times from 25 distinct sources. 104.207.58.149 was first reported on June 8th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:06:07 (2 weeks ago)		Bad Web Bot
🇳🇱 soverin	2026-05-21 21:29:22 (2 weeks ago)	Network scan on port 80	Email Spam
🇫🇷 MatStef132	2026-05-19 21:11:04 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:31 (2 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-15 15:39:10 (3 weeks ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-01 19:02:36 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.58.149 (TH/Thailand/-): 1 in the last ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.58.149 (TH/Thailand/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇪🇸 librebit	2026-03-29 02:00:52 (2 months ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-03-28 10:25:16 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 21:09:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 16:08:54.177655 2026] [security2:error] [pid 21947:tid 21947] [client 104.207.58.149:39177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "area52designs.com"] [uri "/.env.production"] [unique_id "aYzv5nrcwz_lfVPyehczRgAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:19:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:19:01.586461 2026] [security2:error] [pid 18298:tid 18298] [client 104.207.58.149:43401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iclog.us"] [uri "/v2/.git/config"] [unique_id "aYqxtdgmZpq2iKQzz7LA4gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 02:25:37 (3 months ago)	Blocking for trying to access an exploit file: /new/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-10 00:49:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:48:47.907833 2026] [security2:error] [pid 24142:tid 24142] [client 104.207.58.149:18043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keyspring-niseko.com"] [uri "/config/.env"] [unique_id "aYqAb1vioS6XLSqlo9EXRAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:55:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:55:30.939776 2026] [security2:error] [pid 26249:tid 26249] [client 104.207.58.149:33475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennedimoore.click"] [uri "/app/.env"] [unique_id "aYpz8t_vvm1fTVa_UfOu_QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:27:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:27:43.279415 2026] [security2:error] [pid 24672:tid 24672] [client 104.207.58.149:43441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithgill.com"] [uri "/backend/.env"] [unique_id "aYptb8v1nGbJYzTzXVEmfwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.207

🇩🇪 193.228.139.227

🇳🇱 193.176.31.209

🇨🇳 183.0.0.0

🇨🇳 113.215.186.7

🇺🇸 107.175.156.157

🇳🇱 91.92.42.203

🇱🇹 62.60.130.139

🇺🇸 47.251.5.136

🇨🇳 36.111.42.36

🇮🇩 2a02:4780:6:1509:0:1bf6:3f1f:1

🇵🇰 223.123.72.43

🇺🇸 195.184.76.183

🇳🇱 185.93.104.144

🇨🇳 180.96.0.0

🇺🇸 178.156.244.208

🇳🇱 176.65.139.238

🇰🇼 168.187.111.90

🇮🇳 103.248.120.6

🇭🇰 101.36.111.86