JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.116

104.207.49.116 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.116

Whois 104.207.49.116

IP Abuse Reports for 104.207.49.116:

This IP address has been reported a total of 123 times from 14 distinct sources. 104.207.49.116 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-03-27 21:34:51 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.49.116 (BR/Brazil/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.49.116 (BR/Brazil/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-27 11:10:24 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.49.116 (BR/Brazil/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.49.116 (BR/Brazil/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇦🇺 oncord	2026-01-02 12:00:46 (5 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-26 10:11:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:11:53.875826 2025] [security2:error] [pid 26771:tid 26906] [client 104.207.49.116:9053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.oftv.hdtv55.com"] [uri "/.git/HEAD"] [unique_id "aSbSaVRqYPjEDktSOg7WdgAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:13:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:13:10.107081 2025] [security2:error] [pid 12706:tid 12706] [client 104.207.49.116:14343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.linearconceptsllc.com"] [uri "/.git/HEAD"] [unique_id "aSaohqNiVx6sjPmsXSkRyAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:03:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:03:55.856852 2025] [security2:error] [pid 9596:tid 9596] [client 104.207.49.116:11337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.modalsoftware.com"] [uri "/.git/HEAD"] [unique_id "aSZuGx2WrDHIMHf7DinCtwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:24:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:24:14.687679 2025] [security2:error] [pid 20822:tid 20822] [client 104.207.49.116:35357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wisconsinstatehuntingexpo.com"] [uri "/.env"] [unique_id "aSZWvtJvXeUqsHrH22jOHAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 22:59:45 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 04:20:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:20:29.265862 2025] [security2:error] [pid 22074:tid 22074] [client 104.207.49.116:45103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.toddgoranson.com"] [uri "/.env"] [unique_id "aSUujfNTB24wP5RdJ6kb5wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:27:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:27:44.154715 2025] [security2:error] [pid 20485:tid 20485] [client 104.207.49.116:27543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thegoldreserve.com"] [uri "/.git/HEAD"] [unique_id "aSUiMNeVH3XV2zaP-dFdjQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-10 15:32:09 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.49.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 10 11:32:02.558762 2025] [security2:error] [pid 14980:tid 14980] [client 104.207.49.116:50833] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|murpf.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "murpf.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aOkm8i6rJGwbjSEMyacJlAAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 12:49:10 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 16:18:30 (1 year ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 09:45:23 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 13:06:50 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 209.38.39.214

🇻🇳 103.75.182.132

🇸🇬 47.237.167.49

🇳🇱 45.156.87.216

🇺🇸 18.218.36.187

🇺🇸 216.180.246.195

🇯🇴 212.34.19.249

🇲🇽 187.254.50.97

🇺🇸 100.49.117.77

🇳🇱 45.198.224.5

🇰🇷 1.214.214.114

🇬🇧 217.146.80.120

🇺🇸 216.131.84.154

🇨🇳 183.250.233.156

🇺🇸 162.216.150.146

🇺🇸 147.185.132.127

🇨🇳 101.30.185.110

🇬🇧 90.204.225.101

🇺🇸 64.62.156.122

🇬🇧 35.203.211.185