JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.131

104.207.49.131 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.131

Whois 104.207.49.131

IP Abuse Reports for 104.207.49.131:

This IP address has been reported a total of 102 times from 14 distinct sources. 104.207.49.131 was first reported on June 6th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:15 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇳🇱 homeshowdomain.nl	2025-11-28 23:02:07 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-28	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-28 16:19:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 11:19:24.057922 2025] [security2:error] [pid 24419:tid 24554] [client 104.207.49.131:54283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "104ventures.com"] [uri "/.git/config"] [unique_id "aSnLjIj8QCtis9OnmvCangAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:28:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:27:53.539487 2025] [security2:error] [pid 28213:tid 28213] [client 104.207.49.131:32837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.phillurie.com"] [uri "/.git/HEAD"] [unique_id "aSVaeYbIGc2EWvdSrbUldAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:21:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:21:26.647536 2025] [security2:error] [pid 1599:tid 1599] [client 104.207.49.131:26605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.winterspring.net"] [uri "/.env"] [unique_id "aSVK5qgeU8095iLXXjLMNAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:49:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:49:47.476617 2025] [security2:error] [pid 22709:tid 22709] [client 104.207.49.131:57829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ellesorority.com"] [uri "/.svn/wc.db"] [unique_id "aSVDewD8Dr7ntfMAAYR5jQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:06:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:06:04.630577 2025] [security2:error] [pid 25888:tid 25888] [client 104.207.49.131:17171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dividivipartners.com"] [uri "/.svn/wc.db"] [unique_id "aSUrLKd4sDf9gR6yMmBv3gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-30 14:36:39 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 Marc	2025-10-29 21:51:12 (7 months ago)		Brute-Force
🇦🇺 oncord	2025-10-26 06:30:37 (7 months ago)	Form spam	Web Spam
🇩🇪 ps-center	2025-10-25 17:10:17 (7 months ago)	MYH: Web Attack POST /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
🇳🇱 EGP Abuse Dept	2025-10-18 09:47:26 (8 months ago)	Unauthorized connection to SSH port 22	Port Scan Hacking SSH
🇺🇸 nowyouknow	2025-10-17 13:49:44 (8 months ago)	(From [email protected]) Working hard every day but still barely moving forward? It’s ti ... show more (From [email protected]) Working hard every day but still barely moving forward? It’s time to stop the endless grind. Discover how people are earning real money from trading — no office, no boss, no limits. One simple app could be your ticket to financial freedom: https://youtu.be/VmHYisHHOtU to UNSUBSCRIBE: https://casatemporada.site/unsubscribe?domain=boylanchiropractic.com Address: 108 West Street Comstock Park, MI 48721 show less	Phishing Web Spam
🇩🇪 ps-center	2025-10-17 04:50:01 (8 months ago)	C1-W: TCP-Scanner. Port: 22	Port Scan
🇳🇱 cheatmaster.store	2025-06-03 07:27:38 (1 year ago)	Open proxy and SSH brute force activity detected from VPS logs	Open Proxy Brute-Force

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 134.209.86.24

🇺🇸 66.132.186.248

🇳🇱 45.148.10.151

🇺🇸 134.209.75.31

🇫🇷 85.217.140.34

🇨🇦 216.26.251.233

🇩🇪 185.176.94.38

🇮🇹 185.15.168.188

🇨🇳 183.213.114.146

🇭🇰 168.76.131.178

🇺🇸 134.209.72.97

🇺🇸 44.203.109.163

🇭🇰 194.5.83.5

🇺🇸 135.119.47.58

🇩🇪 134.209.236.204

🇸🇬 129.226.200.18

🇻🇳 103.186.101.237

🇳🇱 45.148.10.37

🇮🇩 202.72.196.75

🇺🇸 150.107.38.197