JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.49

104.207.48.49 was found in our database!

This IP was reported 156 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.49

Whois 104.207.48.49

IP Abuse Reports for 104.207.48.49:

This IP address has been reported a total of 156 times from 27 distinct sources. 104.207.48.49 was first reported on June 20th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-02-16 00:05:43 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇧🇾 lns.bz	2026-02-15 12:17:50 (3 months ago)	.env scanning [BY]	Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 11:59:19 (3 months ago)	(modsecurity) srv103 ModSecurity 104.207.48.49 (BR/Brazil/-): 5 in the last 3600 secs; Ports: ; Dir ... show more (modsecurity) srv103 ModSecurity 104.207.48.49 (BR/Brazil/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:23:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:23:11.491542 2026] [security2:error] [pid 18703:tid 18703] [client 104.207.48.49:56947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/v2/.git/config"] [unique_id "aZGsnxBOFZxW78Sq31NeAQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-02-15 06:12:54 (3 months ago)	11 attacks on VC URLs, env grabbing URLs: GET /new/.git/config HTTP/1.1 GET /.env.local HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-02-15 05:57:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:56:55.207859 2026] [security2:error] [pid 15089:tid 15089] [client 104.207.48.49:33991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "switkoprofiri.org"] [uri "/frontend/.env"] [unique_id "aZFgJ0PSIO5bET5F2vATxwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 03:47:22 (3 months ago)	Blocking for trying to access an exploit file: /wp/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-15 03:33:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:33:22.121350 2026] [security2:error] [pid 4580:tid 4580] [client 104.207.48.49:54227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steamheat.tech"] [uri "/.env.staging"] [unique_id "aZE-gtSptK0p6hNV9QrtYwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:17:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:17:20.437621 2026] [security2:error] [pid 26234:tid 26234] [client 104.207.48.49:59939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stardancertantra.com"] [uri "/admin/.git/config"] [unique_id "aZE6wAK6lAB3KSdhwL9kOgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:46:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:46:38.658577 2026] [security2:error] [pid 2404636:tid 2404636] [client 104.207.48.49:29379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springmeadowventures.com"] [uri "/.env"] [unique_id "aZEzjkKNB5chL1iBuViNxQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:20:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:20:19.870432 2026] [security2:error] [pid 14636:tid 14636] [client 104.207.48.49:59959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mundanestudies.org"] [uri "/.env.save"] [unique_id "aZEfU7D1V3RZJdj4_owLPwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:01:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:01:42.193160 2026] [security2:error] [pid 1065260:tid 1065260] [client 104.207.48.49:58055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mspish.com"] [uri "/dev/.git/config"] [unique_id "aZEa9kkEGkHd1Lp3twpphAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:44:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:44:22.752409 2026] [security2:error] [pid 32432:tid 32432] [client 104.207.48.49:64267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lucitania.com"] [uri "/new/.git/config"] [unique_id "aZEW5iSM2peaLv_NVaG7QAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-14 23:17:40 (3 months ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇺🇸 mnsf	2026-02-14 23:06:10 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack

Showing 1 to 15 of 156 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 172.253.237.28

🇨🇳 171.107.141.21

🇻🇳 160.191.244.213

🇺🇸 107.172.204.15

🇰🇷 106.246.89.73

🇫🇷 51.91.177.29

🇯🇵 8.211.162.45

🇹🇼 198.235.24.110

🇩🇪 150.241.76.42

🇧🇩 103.183.62.1

🇮🇳 52.140.76.154

🇺🇸 2607:f8b0:4001:c62::12a

🇨🇳 221.234.36.123

🇹🇼 198.235.24.80

🇸🇬 124.156.202.242

🇺🇸 71.6.232.28

🇩🇪 51.68.179.180

🇺🇸 155.254.16.52

🇺🇸 147.185.132.135

🇬🇧 68.183.43.38