JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.202

104.207.49.202 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.202

Whois 104.207.49.202

IP Abuse Reports for 104.207.49.202:

This IP address has been reported a total of 140 times from 18 distinct sources. 104.207.49.202 was first reported on June 14th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-02-15 12:49:57 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:45:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:45:27.846935 2026] [security2:error] [pid 31440:tid 31450] [client 104.207.49.202:21955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toastandfigs.com"] [uri "/backup/.git/config"] [unique_id "aZG_531kHR_DNCMGsoVpUgAAAMY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:28:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:28:15.097754 2026] [security2:error] [pid 21004:tid 21004] [client 104.207.49.202:56221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title34.com"] [uri "/test/.git/config"] [unique_id "aZG734xIb7Wf9SSP6xM9XQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-15 12:13:39 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.202 (BR/Brazil/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.202 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 myagent.site	2026-02-15 12:13:04 (3 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇦🇺 2000cn.com.au	2026-02-15 11:42:00 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:40:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:40:08.435068 2026] [security2:error] [pid 533051:tid 533140] [client 104.207.49.202:36069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tbdesigned.com"] [uri "/config/.env"] [unique_id "aZGwmNix324pwJEQE_-jLwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ecode hosting	2026-02-15 05:10:08 (3 months ago)	Domain : sunnavturkey.com Rule : config 2026-02-15 05:08:03 10.100.1.20 GET /api/.git/config - 80 - ... show more Domain : sunnavturkey.com Rule : config 2026-02-15 05:08:03 10.100.1.20 GET /api/.git/config - 80 - 104.207.49.202 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 - sunnavturkey.com 404 8 0 264 168 162 - - show less	Hacking SQL Injection
🇳🇱 jjnxpct	2026-02-15 04:48:32 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /test/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:11:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:11:52.916144 2026] [security2:error] [pid 6874:tid 6874] [client 104.207.49.202:61837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stormwlf.com"] [uri "/site/.git/config"] [unique_id "aZFHiKr9p3Dz6TjN96FyMwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:20:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:20:28.081925 2026] [security2:error] [pid 4763:tid 4763] [client 104.207.49.202:55969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starrmail.net"] [uri "/.git/config"] [unique_id "aZE7fMt3JFPLCiwZ1Bo4fQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:25:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:25:19.021204 2026] [security2:error] [pid 210520:tid 210520] [client 104.207.49.202:35859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mysticbitchsalon.com"] [uri "/.env.staging"] [unique_id "aZEuj2u3SF1HRG5Is1U_kAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 02:05:50 (3 months ago)	Too many Status 40X (11) Scanning/Probing (14)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:45:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:45:43.489199 2026] [security2:error] [pid 3158:tid 3158] [client 104.207.49.202:45689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myairbalance.org"] [uri "/app/.git/config"] [unique_id "aZElR_1LcQlYFHMW1NNkQQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:02:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:02:19.171852 2026] [security2:error] [pid 27754:tid 27754] [client 104.207.49.202:63593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "longleggedblond.com"] [uri "/admin/.git/config"] [unique_id "aZENC4rsUNCuU0XP7tu4xgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇱 109.236.45.211

🇰🇷 221.148.201.226

🇳🇱 193.176.31.233

🇮🇷 193.151.141.41

🇩🇴 181.37.209.205

🇫🇷 163.5.241.60

🇫🇷 163.5.241.58

🇫🇷 163.5.241.22

🇸🇬 152.42.195.45

🇭🇰 128.1.131.137

🇨🇳 120.48.67.104

🇭🇰 101.36.124.127

🇱🇹 62.60.130.236

🇨🇳 61.151.249.194

🇳🇱 45.148.10.141

🇺🇸 20.169.106.57

🇨🇦 15.235.98.250

🇩🇪 217.234.92.249

🇲🇦 196.117.251.175

🇵🇦 190.140.131.169