JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.104

104.207.49.104 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.104

Whois 104.207.49.104

IP Abuse Reports for 104.207.49.104:

This IP address has been reported a total of 135 times from 15 distinct sources. 104.207.49.104 was first reported on June 5th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 wlt-blocker	2026-05-29 03:39:28 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇦🇺 oncord	2026-02-25 15:17:32 (3 months ago)	Form spam	Web Spam
🇨🇳 ThreatBook.io	2025-12-30 23:25:52 (5 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.49.104 2 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.49.104 2025-12-30 15:09:39 /.git/HEAD show less	Web App Attack
🇨🇭 backslash	2025-12-30 21:25:01 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-29 06:24:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:24:32.537024 2025] [security2:error] [pid 22882:tid 22882] [client 104.207.49.104:43195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naturalhomebuilders.com"] [uri "/.git/HEAD"] [unique_id "aVIeoKTYnz0GIqq4WyHx0QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:49:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:49:19.819715 2025] [security2:error] [pid 2822:tid 2822] [client 104.207.49.104:25837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "uniquetreasuresshoppes.com"] [uri "/.env"] [unique_id "aVIWX359QqFtTpcSFbHHgwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:12:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:12:05.567895 2025] [security2:error] [pid 23877:tid 23877] [client 104.207.49.104:45693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roigcorporativo.com"] [uri "/.git/HEAD"] [unique_id "aVINpbkCkXC-WGGdPeZ8cQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:53:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:53:38.379429 2025] [security2:error] [pid 11516:tid 11516] [client 104.207.49.104:37221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "captechtraining.com"] [uri "/.env"] [unique_id "aVIJUuth_4DDXVZGdcNoCQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-26 02:10:47 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-08 03:49:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 22:49:43.365307 2025] [security2:error] [pid 31565:tid 31565] [client 104.207.49.104:19101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theopinionatedowl.com"] [uri "/.git/HEAD"] [unique_id "aTZK1zI4603ro549oe6o-QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 14:42:55 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:42:46.469503 2025] [security2:error] [pid 16661:tid 16661] [client 104.207.49.104:56289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ptfea.org"] [uri "/.env"] [unique_id "aTWSZuapFC0Vaarh8nPNKQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:07:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:07:35.719028 2025] [security2:error] [pid 5877:tid 5877] [client 104.207.49.104:36943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "f40ph.org"] [uri "/.git/HEAD"] [unique_id "aTV8F0r7AeyOxeqiB3EhcwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 brantknudson.org	2025-12-07 12:29:17 (5 months ago)	Request path '/.aws/credentials'	Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-06 23:02:52 (5 months ago)	Auto-ban: >3000 req/min op 2025-12-06	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-06 13:53:15 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:53:08.170929 2025] [security2:error] [pid 32103:tid 32103] [client 104.207.49.104:38377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "santurri.net"] [uri "/.svn/wc.db"] [unique_id "aTQ1RHE7OJ3q7_xLldO5lAAAACc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 185.227.153.56

🇭🇰 114.111.53.116

🇳🇱 45.148.10.151

🇸🇪 192.121.147.47

🇧🇷 191.53.132.12

🇳🇱 88.151.32.80

🇧🇪 34.38.167.157

🇪🇸 31.24.155.180

🇮🇳 2401:4900:1ca2:f566:8961:9e32:33d7:3150

🇺🇸 216.180.246.240

🇵🇰 192.140.150.2

🇧🇷 177.152.143.101

🇺🇸 162.216.149.72

🇺🇸 149.115.139.246

🇺🇸 66.132.186.138

🇺🇸 5.78.205.169

🇩🇪 213.209.159.56

🇩🇪 213.209.159.11

🇧🇪 198.235.24.206

🇳🇱 172.70.47.76