JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.228

104.207.49.228 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.228

Whois 104.207.49.228

IP Abuse Reports for 104.207.49.228:

This IP address has been reported a total of 132 times from 14 distinct sources. 104.207.49.228 was first reported on June 5th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 03:04:07 (3 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 06:29:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 01:29:25.857324 2026] [security2:error] [pid 22251:tid 22251] [client 104.207.49.228:37703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artsun.com"] [uri "/test/.git/config"] [unique_id "aY1zRVHkyt-oug5O_MY_4AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇱 ifiguero	2026-02-10 06:29:00 (4 months ago)	Web Attack (\x00\x00\x00\x00\x00). 7d ban	Web App Attack
🇧🇾 lns.bz	2026-02-10 06:15:00 (4 months ago)	.env scanning [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:58:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:58:35.853223 2026] [security2:error] [pid 17981:tid 17981] [client 104.207.49.228:42367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icansayit.com"] [uri "/.env.save"] [unique_id "aYqs6_IPIFxP7GEmbUP9kAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:51:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:51:32.747492 2026] [security2:error] [pid 23280:tid 23280] [client 104.207.49.228:16125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hwy251.com"] [uri "/dev/.git/config"] [unique_id "aYqPJAenYfwhxh31_up4LwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:37:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:37:05.467192 2026] [security2:error] [pid 11519:tid 11519] [client 104.207.49.228:43101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hshr.com"] [uri "/admin/.env"] [unique_id "aYpvofJsxb6ihUZ1tZJE9AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:05:29 (4 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇺🇸 TPI-Abuse	2026-02-09 22:03:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:03:33.284117 2026] [security2:error] [pid 314932:tid 314932] [client 104.207.49.228:39999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathiekate.com"] [uri "/api/.git/config"] [unique_id "aYpZtUscoYtRi74Nqu8g7QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:35:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:35:11.335212 2026] [security2:error] [pid 19338:tid 19400] [client 104.207.49.228:11049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honeyled.com"] [uri "/api/.git/config"] [unique_id "aYpE_4WE2kxo01YgpUqeKgAAAEc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2025-12-29 04:55:17 (5 months ago)	tcp/80; SVN repository metadata exposure attempt: "GET /.svn/wc.db" @ 2025-12-29T04:49:42Z [proxy]	Web App Attack
🇱🇻 garmtech.com	2025-11-24 11:39:35 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:57:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:56:52.591043 2025] [security2:error] [pid 12633:tid 12633] [client 104.207.49.228:55607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pointillistic.com"] [uri "/.git/HEAD"] [unique_id "aSQPxNbiq-AZ2V1WJCDwdAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:39:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:39:18.343840 2025] [security2:error] [pid 28290:tid 28290] [client 104.207.49.228:60915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atlanticcitypartybuses.com"] [uri "/.env"] [unique_id "aSQLpnT9xHipaqoeOZdy9wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:25:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:25:37.855950 2025] [security2:error] [pid 9608:tid 9608] [client 104.207.49.228:23301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.cuch.net"] [uri "/.env"] [unique_id "aSPsUbBHTjLT9_dBS9TU0wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 149.118.135.252

🇮🇳 122.187.225.78

🇰🇷 112.164.209.55

🇸🇬 103.189.235.176

🇮🇳 103.168.1.253

🇸🇬 47.128.33.52

🇭🇰 220.246.184.39

🇳🇱 176.65.139.36

🇺🇸 162.216.150.238

🇨🇦 85.217.149.4

🇳🇱 85.121.127.212

🇮🇷 80.191.201.151

🇨🇱 68.211.177.55

🇬🇧 35.203.211.62

🇬🇧 8.208.3.112

🇰🇷 211.193.245.27

🇷🇴 193.46.255.86

🇨🇳 180.184.142.135

🇺🇸 172.113.197.154

🇺🇸 162.216.150.157