JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.244

104.207.49.244 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.244

Whois 104.207.49.244

IP Abuse Reports for 104.207.49.244:

This IP address has been reported a total of 144 times from 22 distinct sources. 104.207.49.244 was first reported on June 7th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-02-19 07:40:01 (3 months ago)		Web Spam
🇪🇸 10dencehispahard SL	2026-02-16 05:47:32 (3 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇦🇺 oncord	2026-02-15 23:09:36 (3 months ago)	Form spam	Web Spam
🇺🇸 oncord	2026-02-09 18:25:10 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-01-21 13:54:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:54:08.135669 2026] [security2:error] [pid 15027:tid 15027] [client 104.207.49.244:47065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "papapizza.pizza"] [uri "/.env"] [unique_id "aXDagLnQ4Z0bnoduyKhuqgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 11:52:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 06:52:35.252011 2026] [security2:error] [pid 3659548:tid 3659548] [client 104.207.49.244:36141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demondomain.com"] [uri "/.env"] [unique_id "aXC-A4nSPlify9oNAbs7SwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 19:13:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 14:12:46.243890 2025] [security2:error] [pid 3125343:tid 3125370] [client 104.207.49.244:50917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafminstitute.com"] [uri "/wp-config.txt"] [unique_id "aSn0LkrmOkcX0iMXjhfSmAAAANg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-08 03:26:30 (6 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-10-30 16:59:58 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.49.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 30 12:59:54.780098 2025] [security2:error] [pid 17145:tid 17145] [client 104.207.49.244:13311] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|coopstehedwidge.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coopstehedwidge.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQOZip8HRlzZ3aEvC5lOFwAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-26 10:59:18 (7 months ago)	wordpress-trap	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-25 03:32:55 (7 months ago)	WP Admin Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-23 01:21:05 (7 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2025-10-22 16:09:57 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-21 08:36:08 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-16 16:56:44 (7 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇭🇰 47.239.195.232

🇩🇪 213.209.159.231

🇰🇷 112.121.9.170

🇵🇱 109.243.71.228

🇱🇹 62.60.130.228

🇨🇳 218.206.136.24

🇬🇧 188.240.59.43

🇮🇪 52.16.32.136

🇺🇸 50.123.92.130

🇧🇪 34.62.198.92

🇬🇧 31.14.254.98

🇺🇸 216.25.89.132

🇳🇱 176.65.139.217

🇺🇸 147.185.132.14

🇵🇱 143.20.97.216

🇮🇳 103.70.196.154

🇬🇧 89.37.172.152

🇺🇸 65.49.1.171

🇺🇸 65.49.1.108