JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.242

104.207.49.242 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.242

Whois 104.207.49.242

IP Abuse Reports for 104.207.49.242:

This IP address has been reported a total of 136 times from 21 distinct sources. 104.207.49.242 was first reported on June 7th 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 webgobe	2026-06-05 22:50:51 (15 hours ago)	wew-Joomla User : try to access forms...	Hacking
🇺🇸 webgobe	2026-05-13 09:12:17 (3 weeks ago)	wew-Joomla User : try to access forms...	Hacking
🇨🇭 backslash	2026-04-18 12:27:00 (1 month ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇩🇪 stinpriza	2026-03-06 00:32:11 (3 months ago)	Web App Attack	Web App Attack
🇩🇪 F242	2026-01-30 12:21:10 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:29 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-27 22:53:59 (6 months ago)	(mod_security) mod_security (id:210740) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210740) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:53:51.832567 2025] [security2:error] [pid 712800:tid 712800] [client 104.207.49.242:43029] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|www.neff.family.name\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.neff.family.name"] [uri "/unwiki/gastenboek.php"] [unique_id "aSjWf5KIlslbyfjM_Bi9sgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:34:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:34:34.140844 2025] [security2:error] [pid 32526:tid 32526] [client 104.207.49.242:20805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thisisaboutscience.com"] [uri "/.env"] [unique_id "aSVcCrYHycmsmBTc-NFNhAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:10:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:01.159230 2025] [security2:error] [pid 11386:tid 11386] [client 104.207.49.242:24647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.salesfunnelworkflow.wholesalelivelobsters.com"] [uri "/.git/HEAD"] [unique_id "aSVIOXgChS4vO88E0-NsYAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:57:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:56:57.357456 2025] [security2:error] [pid 18778:tid 18778] [client 104.207.49.242:32209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aarentes.com"] [uri "/.git/HEAD"] [unique_id "aSUpCcTvbDoJWv8uwL6d6wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:21:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:21:22.676397 2025] [security2:error] [pid 10126:tid 10126] [client 104.207.49.242:15253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.danharrisphotoart.com"] [uri "/.git/HEAD"] [unique_id "aSUgsrY-23U-hs7jQF4quwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2025-11-24 23:37:30 (6 months ago)	tcp/80 (18 or more attempts)	Port Scan
🇺🇸 MPL	2025-11-24 23:37:30 (6 months ago)	tcp/80 (9 or more attempts)	Port Scan
🇯🇵 ki3	2025-11-01 05:25:58 (7 months ago)	Fail2Ban: Web App Attacks and Forum Spam 104.207.49.242 1761974757.0(JST)	Web Spam Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 203.154.158.195

🇨🇴 190.109.21.249

🇲🇽 186.96.145.241

🇫🇮 147.185.133.216

🇨🇳 106.12.128.30

🇵🇱 83.168.95.208

🇫🇷 185.2.103.46

🇺🇸 162.216.150.248

🇨🇦 148.113.221.114

🇨🇳 103.91.208.101

🇺🇸 98.159.38.146

🇰🇿 95.58.255.251

🇮🇳 59.179.31.237

🇫🇷 2001:41d0:33d:9200::405

🇸🇬 194.233.76.87

🇩🇪 141.11.107.166

🇰🇷 59.24.28.114

🇨🇳 58.50.162.159

🇧🇷 43.164.195.69

🇮🇳 4.213.160.153