JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.173

104.207.49.173 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.173

Whois 104.207.49.173

IP Abuse Reports for 104.207.49.173:

This IP address has been reported a total of 136 times from 23 distinct sources. 104.207.49.173 was first reported on June 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Steve	2026-05-22 15:52:37 (3 weeks ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:24:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:24:04.508482 2026] [security2:error] [pid 14583:tid 14583] [client 104.207.49.173:60937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "militaryordnance.com"] [uri "/config/.env"] [unique_id "aY8l9DdVo3O3UsQwTEhasgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 13:03:26 (4 months ago)	Blocking for trying to access an exploit file: /test/.git/config	Hacking
Anonymous	2026-02-13 09:15:57 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.49.173 (BR/Brazil/-)	SQL Injection
🇺🇸 mnsf	2026-02-13 08:07:19 (4 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:11:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:11:19.338038 2026] [security2:error] [pid 2726661:tid 2726661] [client 104.207.49.173:53011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcefa.org"] [uri "/app/.git/config"] [unique_id "aY7Ah9-zxWpozvvYqTTUigAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:25:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:25:45.808700 2026] [security2:error] [pid 1363636:tid 1363636] [client 104.207.49.173:24201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mattsound.com"] [uri "/test/.git/config"] [unique_id "aY612UHZSNCN0sNyb-0qzQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:51:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:51:03.571610 2026] [security2:error] [pid 30491:tid 30491] [client 104.207.49.173:39069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "market1st.com"] [uri "/.env.local"] [unique_id "aY6fp0rFjLLXkhE9RO2a7QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:16:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:15:57.468792 2026] [security2:error] [pid 18477:tid 18477] [client 104.207.49.173:27779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marcedinc.com"] [uri "/v2/.git/config"] [unique_id "aY6XbZOXtnB6SSzhr1Lb0QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:43:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:43:16.184269 2026] [security2:error] [pid 28968:tid 28968] [client 104.207.49.173:22409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mangamaster.org"] [uri "/admin/.env"] [unique_id "aY6PxGkx__nm5HqRZt63tQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:13:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:13:36.468610 2026] [security2:error] [pid 1718860:tid 1718870] [client 104.207.49.173:26891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazineofwallstreet.com"] [uri "/.env"] [unique_id "aY56wN361X8i7nDm3g1EHQAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:47 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 16:49:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:49:38.949108 2026] [security2:error] [pid 6342:tid 6342] [client 104.207.49.173:51113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corinthianscruise.org"] [uri "/.env"] [unique_id "aY4Eon0JDZ-24I015uiA9gAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 02:16:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 21:15:55.626954 2026] [security2:error] [pid 18371:tid 18371] [client 104.207.49.173:44119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futurbike.it"] [uri "/app/.env"] [unique_id "aYvmWwuPFla-oWOEFShrwQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 19:55:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 14:55:03.699077 2026] [security2:error] [pid 30849:tid 30849] [client 104.207.49.173:57237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fullbladderclub.com"] [uri "/dev/.git/config"] [unique_id "aYuNF_xMvSYJc-Ycbcgw5QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.120.41

🇬🇧 198.244.242.222

🇺🇸 172.208.13.82

🇺🇸 142.251.155.1

🇸🇬 47.79.200.19

🇺🇦 213.231.1.16

🇸🇬 165.154.200.48

🇨🇦 149.5.246.106

🇺🇸 66.132.195.117

🇨🇦 34.19.195.92

🇱🇹 188.69.225.188

🇺🇸 185.111.156.245

🇺🇸 147.185.132.97

🇩🇪 141.82.3.32

🇰🇷 119.195.102.159

🇨🇳 118.250.51.69

🇺🇸 71.6.135.131

🇳🇱 45.148.10.141

🇨🇳 119.23.73.148

🇨🇳 106.13.90.74