JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.181

104.207.49.181 was found in our database!

This IP was reported 122 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.181

Whois 104.207.49.181

IP Abuse Reports for 104.207.49.181:

This IP address has been reported a total of 122 times from 14 distinct sources. 104.207.49.181 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-09 21:47:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:47:42.706428 2026] [security2:error] [pid 9858:tid 9858] [client 104.207.49.181:53987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garyoneal.com"] [uri "/admin/.env"] [unique_id "aYpV_jh0gGyiTCCkAJzTEgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:12:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:12:21.001648 2026] [security2:error] [pid 771494:tid 771503] [client 104.207.49.181:46505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gapm.eu"] [uri "/site/.git/config"] [unique_id "aYpNtXeAj16Xsm7lkAkMgQAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 21:14:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 16:14:25.108309 2026] [security2:error] [pid 20161:tid 20161] [client 104.207.49.181:22725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/backup/.git/config"] [unique_id "aYj8sbSPFPb3D4DBlv1eYgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 pixelboost.kr	2026-02-04 01:38:14 (4 months ago)	104.207.49.181 - - [04/Feb/2026:10:38:12 +0900] "HEAD / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT ... show more 104.207.49.181 - - [04/Feb/2026:10:38:12 +0900] "HEAD / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 01:52:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 20:52:42.519478 2025] [security2:error] [pid 18981:tid 19024] [client 104.207.49.181:38701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abusaimeh.com"] [uri "/.env.bak"] [unique_id "aSpR6jwsuP-_w8D1A143rQAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:26:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:26:31.858650 2025] [security2:error] [pid 26878:tid 26878] [client 104.207.49.181:13405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wholesalelivelobsters.com"] [uri "/.env"] [unique_id "aSVMF3tXkswHGGf0HpcDeAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:30:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:30:15.672926 2025] [security2:error] [pid 24766:tid 24766] [client 104.207.49.181:25135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eeeckythump.net"] [uri "/.env"] [unique_id "aSU-5xJQxMoeYZDVzIHZ1QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 04:40:29 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:28:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:28:28.515455 2025] [security2:error] [pid 9798:tid 9798] [client 104.207.49.181:29365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "completemodular.com"] [uri "/.git/HEAD"] [unique_id "aSUGPBskEnrDNrTiqswA-wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 AWW-Admin	2025-10-29 16:19:27 (7 months ago)	(wordpress) Failed wordpress login from 104.207.49.181 (BR/Brazil/-)	Brute-Force
Anonymous	2025-04-07 13:35:44 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 22:28:46 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 15:19:53 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 17:11:39 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 04:10:57 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 122 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 211.90.251.127

🇨🇳 203.168.23.1

🇪🇹 196.188.160.11

🇵🇱 194.180.49.71

🇰🇿 188.247.198.38

🇺🇿 188.113.250.40

🇺🇿 188.113.241.121

🇺🇿 188.113.215.249

🇱🇹 185.169.4.202

🇨🇳 183.4.16.90

🇺🇸 159.223.186.10

🇧🇷 138.122.134.90

🇺🇸 98.159.37.188

🇬🇧 87.236.176.127

🇳🇱 45.148.10.51

🇰🇿 37.151.66.184

🇦🇿 37.61.125.18

🇰🇿 2.132.234.110

🇷🇴 2.57.121.25

🇺🇸 216.25.89.142