JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.215

104.207.49.215 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.215

Whois 104.207.49.215

IP Abuse Reports for 104.207.49.215:

This IP address has been reported a total of 146 times from 17 distinct sources. 104.207.49.215 was first reported on June 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-12 02:39:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:39:38.348913 2026] [security2:error] [pid 366692:tid 366692] [client 104.207.49.215:61945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsenaultartistmanagement.com"] [uri "/site/.git/config"] [unique_id "aY09aiSQUawxLTVMHtTeQwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 19:25:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 14:25:09.375632 2026] [security2:error] [pid 18043:tid 18043] [client 104.207.49.215:12503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arcdesign.me"] [uri "/backend/.env"] [unique_id "aYzXlS90D6fc00ruzsgu3wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 04:31:16 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 05:00:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:00:47.266100 2026] [security2:error] [pid 14211:tid 14211] [client 104.207.49.215:13239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmelson.com"] [uri "/.env.save"] [unique_id "aYq7f48IKPGewtPnw_aw9wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:33:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:32:53.421630 2026] [security2:error] [pid 19391:tid 19391] [client 104.207.49.215:28307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iat.com.pa"] [uri "/config/.env"] [unique_id "aYqm5SLU-jXDZLD6rd-85AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:58:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:58:16.275342 2026] [security2:error] [pid 29765:tid 29765] [client 104.207.49.215:41685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingmansvc.com"] [uri "/app/.env"] [unique_id "aYqeyLXhc-Svb2uWT-xeAgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:52:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:52:46.881752 2026] [security2:error] [pid 28984:tid 28984] [client 104.207.49.215:53765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hxctechllc.com"] [uri "/admin/.env"] [unique_id "aYqPbhG7kQQM_cp79QU7UAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:35:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:35:22.896536 2026] [security2:error] [pid 11540:tid 11540] [client 104.207.49.215:41363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khtcpl.com"] [uri "/.env.production"] [unique_id "aYqLWluGJMGSTXmwsySg9AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:26:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:25:55.177209 2026] [security2:error] [pid 824:tid 824] [client 104.207.49.215:24915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hudready.com"] [uri "/v2/.git/config"] [unique_id "aYp7E56-XqSYtOW0mJ1P8gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 21:35:09 (4 months ago)	Blocking for trying to access an exploit file: /test/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 20:45:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:45:32.483629 2026] [security2:error] [pid 16661:tid 16661] [client 104.207.49.215:15823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honnwong.com"] [uri "/.git/config"] [unique_id "aYpHbPoynNP3HvWRGg8HkAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-01-21 01:05:13 (4 months ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
Anonymous	2025-12-19 20:54:13 (5 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.12.19 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 06:39:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:38:55.402138 2025] [security2:error] [pid 14177:tid 14177] [client 104.207.49.215:23473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tevalaur.com"] [uri "/.svn/wc.db"] [unique_id "aSVO_yg5gI16LaNsSDIIbQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:43:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:43:26.650374 2025] [security2:error] [pid 20061:tid 20061] [client 104.207.49.215:11767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.wplusw.com"] [uri "/.git/HEAD"] [unique_id "aSUz7seyz5Qc-KxCNjh-bQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.249

🇺🇸 2a03:2880:f800:32::

🇫🇷 2a01:e0a:955:780:604f:48c:6efd:d21d

🇩🇪 213.209.159.56

🇹🇼 198.235.24.45

🇺🇸 192.227.146.202

🇧🇴 190.181.46.85

185.196.11.233

185.196.11.232

🇩🇪 150.241.76.42

🇨🇳 113.206.147.189

🇲🇽 104.243.245.183

🇨🇦 89.251.0.35

🇺🇸 70.120.203.193

🇺🇸 64.62.197.16

🇧🇷 45.169.200.254

🇺🇸 20.171.25.167

🇺🇸 20.168.121.94

185.196.11.231

🇺🇸 172.253.7.28