JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.104.110.152

149.104.110.152 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 96%: ?

96%

ISP	Kaopu Cloud HK Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS138915
Domain Name	kaopucloud.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.104.110.152

Whois 149.104.110.152

IP Abuse Reports for 149.104.110.152:

This IP address has been reported a total of 20 times from 19 distinct sources. 149.104.110.152 was first reported on April 5th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 micropedro	2026-06-19 23:55:27 (2 days ago)	4 incidents: port scanning. First: 2026-06-18 19:36, Last: 2026-06-19 19:55 UTC. Triggers: non-publi ... show more 4 incidents: port scanning. First: 2026-06-18 19:36, Last: 2026-06-19 19:55 UTC. Triggers: non-public-port,firewall-tcp,ufw-repeater,ufw-repeater. show less	Port Scan
🇩🇪 EnthecSolutions	2026-06-19 14:00:40 (2 days ago)	Detected by Enthec Solutions. \| Attempts: 107 in 24h \| Target port: 7001	Port Scan Hacking
🇩🇪 Lino Project	2026-06-19 11:51:50 (2 days ago)	149.104.110.152 - - [19/Jun/2026:13:51:46 +0200] "GET /.env HTTP/1.1" 404 341 "-" "Mozilla/5.0 (comp ... show more 149.104.110.152 - - [19/Jun/2026:13:51:46 +0200] "GET /.env HTTP/1.1" 404 341 "-" "Mozilla/5.0 (compatible)" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Roper123	2026-06-19 11:14:01 (2 days ago)	Web exploits	Web App Attack
🇵🇱 rafamiga	2026-06-19 08:59:00 (2 days ago)	149.104.110.152 [19/Jun/2026:08:59:51 +0000] "GET /mcp_config.json HTTP/1.1" 404 19 "Mozilla/5.0 (co ... show more 149.104.110.152 [19/Jun/2026:08:59:51 +0000] "GET /mcp_config.json HTTP/1.1" 404 19 "Mozilla/5.0 (compatible)" 414259 "backend not found" "/mcp_config.json" 0ms 149.104.110.152 [19/Jun/2026:08:59:54 +0000] "GET /config/mcp.json HTTP/1.1" 404 19 "Mozilla/5.0 (compatible)" 414260 "backend not found" "/config/mcp.json" 0ms 149.104.110.152 [19/Jun/2026:08:59:56 +0000] "GET /gitlab-ci.yml HTTP/1.1" 404 19 "Mozilla/5.0 (compatible)" 414261 "backend not found" "/gitlab-ci.yml" 0ms 149.104.110.152 [19/Jun/2026:08:59:58 +0000] "GET /.gitlab-ci.yml HTTP/1.1" 404 19 "Mozilla/5.0 (compatible)" 414262 "backend not found" "/.gitlab-ci.yml" 0ms 149.104.110.152 [19/Jun/2026:09:00:01 +0000] "GET /gitlab/config/database.yml HTTP/1.1" 404 19 "Mozilla/5.0 (compatible)" 414263 "backend not found" "/gitlab/config/database.yml" 0ms 149.104.110.152 [19/Jun/2026:09:00:05 +0000] "GET /gitlab-secrets.json HTTP/1.1" 404 19 "Mozilla/5.0 (compatible)" 414264 "backend not found" "/gitlab-secrets.json" 0ms show less	Port Scan Brute-Force
Anonymous	2026-06-19 06:17:16 (2 days ago)	2026-06-19T07:17:15.684238+01:00 vps kernel: [43589987.755022] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-19T07:17:15.684238+01:00 vps kernel: [43589987.755022] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=149.104.110.152 DST=54.37.14.118 LEN=44 TOS=0x00 PREC=0x00 TTL=241 ID=9868 PROTO=TCP SPT=49738 DPT=8443 WINDOW=1025 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇬🇧 pearbright	2026-06-18 21:44:47 (3 days ago)	2026-06-18T21:34:07.880893+00:00 srv1093252 kernel: [2564433.067925] [UFW BLOCK] IN=eth0 OUT= MAC=28 ... show more 2026-06-18T21:34:07.880893+00:00 srv1093252 kernel: [2564433.067925] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=149.104.110.152 DST=72.61.19.109 LEN=44 TOS=0x08 PREC=0x20 TTL=242 ID=54722 PROTO=TCP SPT=58311 DPT=5000 WINDOW=1025 RES=0x00 SYN URGP=0 2026-06-18T21:35:32.207784+00:00 srv1093252 kernel: [2564517.394092] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=149.104.110.152 DST=72.61.19.109 LEN=44 TOS=0x08 PREC=0x20 TTL=242 ID=40802 PROTO=TCP SPT=58295 DPT=8888 WINDOW=1025 RES=0x00 SYN URGP=0 2026-06-18T21:37:44.531970+00:00 srv1093252 kernel: [2564649.717752] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=149.104.110.152 DST=72.61.19.109 LEN=44 TOS=0x08 PREC=0x20 TTL=242 ID=32613 PROTO=TCP SPT=58295 DPT=8443 WINDOW=1025 RES=0x00 SYN URGP=0 2026-06-18T21:38:27.777911+00:00 srv1093252 kernel: [2564692.963376] [UFW BLOCK] IN=eth0 OUT= MAC=28:e8:d4:b5:be:84:44:38:39:ff:ff:41:08:00 SRC=149.104.11 ... show less	Port Scan
🇩🇪 onlyops.app	2026-06-18 19:00:05 (3 days ago)	Web application firewall (ModSecurity) detected malicious traffic \| detected by Fail2Ban (plesk-mods ... show more Web application firewall (ModSecurity) detected malicious traffic \| detected by Fail2Ban (plesk-modsecurity jail) \| onlyops.app show less	Exploited Host
🇩🇪 Progetto1	2026-06-18 18:32:02 (3 days ago)	Detected via HAProxyScanner at 2026-06-18 18:32:02 UTC on destination port WEB (80/443). Repeated sc ... show more Detected via HAProxyScanner at 2026-06-18 18:32:02 UTC on destination port WEB (80/443). Repeated scan / connection. show less	Port Scan Hacking Brute-Force
🇩🇪 check-the-sum.fr	2026-06-18 13:45:06 (3 days ago)	Port Scanning	Port Scan
🇩🇪 zupan	2026-06-18 13:44:25 (3 days ago)	Blocked by UFW on vps [7001/tcp] \| SPT: 50220 \| TTL: 244 \| LEN: 44 \| TOS: 0x00 • Reported by: github ... show more Blocked by UFW on vps [7001/tcp] \| SPT: 50220 \| TTL: 244 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 Fasetech	2026-06-18 13:19:35 (3 days ago)	SecLedge detected suspicious activity. Score: 295.08. Sensor: T-Pot.	Brute-Force
🇬🇧 WebServ	2026-06-18 12:52:46 (3 days ago)	Blocked by ufw after 5 attempts in last 300s.	Brute-Force
🇸🇬 celestialcity	2026-06-17 05:53:57 (4 days ago)	Blocked by UFW on celestialcityas [8000/tcp] \| SPT: 55292 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reporte ... show more Blocked by UFW on celestialcityas [8000/tcp] \| SPT: 55292 \| TTL: 234 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 cwytech	2026-06-15 18:34:52 (6 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-http-sensitive-files.	Bad Web Bot Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.3.145.26

🇷🇴 141.98.83.240

🇺🇸 64.62.197.123

🇵🇭 45.114.132.70

🇵🇱 45.38.156.119

🇨🇳 222.85.212.227

🇺🇸 195.184.76.206

🇳🇱 192.253.248.67

🇸🇬 188.166.246.68

🇸🇪 170.62.100.234

🇺🇸 146.190.212.146

🇸🇬 142.91.102.186

🇺🇸 141.11.88.17

🇨🇳 139.170.72.250

🇩🇪 109.91.4.177

🇨🇳 106.12.6.79

🇬🇧 89.37.172.153

🇱🇹 81.30.98.158

🇺🇦 45.150.243.128

🇺🇸 44.96.67.201