JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.49

104.207.58.49 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.49

Whois 104.207.58.49

IP Abuse Reports for 104.207.58.49:

This IP address has been reported a total of 138 times from 21 distinct sources. 104.207.58.49 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MatStef132	2026-05-19 20:57:53 (2 weeks ago)	MatShield L7: blocked on mathost.eu (click-id-direct-nav)	DDoS Attack
🇳🇱 MatStef132	2026-05-19 20:21:32 (2 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-14 21:32:38 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2026-01-02 10:52:03 (5 months ago)	Malicious Traffic/Form Submission	Phishing Web Spam
🇺🇸 octageeks.com	2025-11-28 05:10:08 (6 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
Anonymous	2025-11-26 08:13:01 (6 months ago)	Web app attack and vulnerability scan detected from IIS logs	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:20:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:20:27.312636 2025] [security2:error] [pid 26115:tid 26115] [client 104.207.58.49:34473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.swansonlaw.net"] [uri "/.svn/wc.db"] [unique_id "aSaOGzpTKGw1izvaVux1OwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 01:32:02 (6 months ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:13:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:13:09.904793 2025] [security2:error] [pid 1535:tid 1535] [client 104.207.58.49:44151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lakewaycpaaa.org"] [uri "/.git/HEAD"] [unique_id "aSUexT_vJcX4CPa1hyD9WgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:53:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:53:13.110938 2025] [security2:error] [pid 693654:tid 693654] [client 104.207.58.49:10959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.puregoldmorgans.com"] [uri "/.git/HEAD"] [unique_id "aSUaGVx_R-vumPc6KSTv0AAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:35:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:35:50.847309 2025] [security2:error] [pid 19347:tid 19347] [client 104.207.58.49:45443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.todddavis.net"] [uri "/.git/HEAD"] [unique_id "aSUWBkcrJQt8gzVzaEw8NAAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:25:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:25:40.889157 2025] [security2:error] [pid 5633:tid 5633] [client 104.207.58.49:54721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.chitsey.com"] [uri "/.svn/wc.db"] [unique_id "aSUFlINFdx93B8c8Phi59QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 01:20:06 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 00:48:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:48:09.511561 2025] [security2:error] [pid 8132:tid 8132] [client 104.207.58.49:32955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rivercityacct.com"] [uri "/.svn/wc.db"] [unique_id "aST8yZFqp7lbw3LN4W4BMQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:15:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:14:12.475825 2025] [security2:error] [pid 15938:tid 15962] [client 104.207.58.49:18615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ceresfund.com"] [uri "/.env"] [unique_id "aSQh5IaBygiwvlm31vhMogAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 47.251.180.216

🇧🇷 45.205.1.245

🇫🇷 5.49.180.49

🇧🇷 177.20.179.95

🇳🇱 158.94.211.16

🇫🇮 91.218.123.22

🇳🇱 89.248.163.200

🇷🇴 80.94.92.171

🇺🇸 50.217.40.11

🇯🇵 43.165.185.71

🇺🇸 3.14.88.106

🇲🇽 187.173.146.30

🇩🇪 176.65.132.149

🇭🇰 103.146.159.173

🇺🇸 20.96.179.87

🇷🇺 5.3.149.246

🇺🇸 216.25.89.86

🇫🇷 207.180.227.113

🇹🇿 196.46.97.129

🇲🇰 185.56.250.222