JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.249

104.207.48.249 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.249

Whois 104.207.48.249

IP Abuse Reports for 104.207.48.249:

This IP address has been reported a total of 132 times from 16 distinct sources. 104.207.48.249 was first reported on June 3rd 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 HJ5Ss4Ju	2026-05-28 12:10:14 (1 week ago)	Blocked by Wordfence (SID 6)	Web App Attack
🇦🇺 oncord	2026-03-07 21:27:17 (2 months ago)	Form spam	Web Spam
🇬🇧 oncord	2026-02-18 14:12:01 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-13 23:48:02 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 08:24:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:24:19.083122 2026] [security2:error] [pid 11645:tid 11645] [client 104.207.48.249:9643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lacycustombuilt.com"] [uri "/backend/.env"] [unique_id "aY7fs3ygvCEt4olJqT53YwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:45:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:45:38.071950 2026] [security2:error] [pid 17726:tid 17726] [client 104.207.48.249:38277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristywernerauthor.com"] [uri "/.env"] [unique_id "aY7Ikoct8h1X5qU92WLcfgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 06:06:00 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:47:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:47:33.545393 2026] [security2:error] [pid 1908034:tid 1908120] [client 104.207.48.249:23193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killerrockandroll.com"] [uri "/app/.git/config"] [unique_id "aY6e1Wyow04PUXjo15V7rAAAAdY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:19:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:19:11.327693 2026] [security2:error] [pid 17445:tid 17469] [client 104.207.48.249:53489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khalessilaw.com"] [uri "/app/.env"] [unique_id "aY6YL9ZkFVS7ynJ4gPRalgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:59:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:59:14.897721 2026] [security2:error] [pid 16923:tid 16923] [client 104.207.48.249:25689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinfranz.com"] [uri "/v2/.git/config"] [unique_id "aY6TghADarmLRnSMWa_JbgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:31:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:31:21.416280 2026] [security2:error] [pid 17756:tid 17756] [client 104.207.48.249:9237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kemela.com"] [uri "/.env.production"] [unique_id "aY6M-dAnTbuDskjO8wIaaAAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 01:49:19 (3 months ago)	Try to access /.git/config	Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:00:49 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 22:06:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 17:06:00.703362 2026] [security2:error] [pid 10523:tid 10588] [client 104.207.48.249:20793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "absurdotron.com"] [uri "/.git/config"] [unique_id "aY5OyPx-Spqla5bP-MJobAAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 14:51:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 09:51:23.970954 2026] [security2:error] [pid 1903:tid 1903] [client 104.207.48.249:57817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atlanticcitypartybuses.com"] [uri "/.git/config"] [unique_id "aY3o6_1YfkAuCf4vEVxayQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 103.143.231.24

🇩🇴 2001:1308:ae06:d00:15e1:ff64:a0b5:da88

🇺🇸 162.216.149.95

🇯🇵 118.194.228.101

🇺🇸 107.173.234.236

🇺🇸 103.143.11.150

🇮🇩 103.142.89.234

🇨🇦 85.217.149.74

🇰🇭 36.37.169.110

🇨🇳 36.33.167.165

🇭🇰 8.210.12.74

🇧🇦 185.65.107.14

🇩🇪 167.94.145.29

🇧🇩 144.79.133.50

🇨🇳 112.123.107.93

🇮🇩 103.126.117.26

🇮🇩 103.125.103.201

🇸🇬 103.14.79.196

🇧🇬 78.128.113.46

🇺🇸 69.242.67.182