JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.249

104.207.49.249 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.249

Whois 104.207.49.249

IP Abuse Reports for 104.207.49.249:

This IP address has been reported a total of 130 times from 12 distinct sources. 104.207.49.249 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MatStef132	2026-05-19 21:18:22 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:59:02 (2 weeks ago)	MatShield L7: blocked on dstat.selify.io (click-id-direct-nav)	DDoS Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇺🇸 TRoden	2026-01-25 18:53:11 (4 months ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
🇬🇧 pinguin	2025-12-04 02:10:30 (6 months ago)	Triggered Cloudflare WAF (firewallManaged) from CA. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from CA. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 06:50:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:50:03.024599 2025] [security2:error] [pid 23273:tid 23273] [client 104.207.49.249:33371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kipdollar.com"] [uri "/.svn/wc.db"] [unique_id "aSQAGw9ohv9yEFwBfvemZgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:09:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:09:02.587144 2025] [security2:error] [pid 3225:tid 3225] [client 104.207.49.249:14305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.battlestem.bridgital.com"] [uri "/.git/HEAD"] [unique_id "aSP2fsMRf5qc9dhOZgQddQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:22:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.249 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:22:12.082579 2025] [security2:error] [pid 21912:tid 21912] [client 104.207.49.249:23149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.capitalacc.com"] [uri "/.svn/wc.db"] [unique_id "aSPPZOR1AR7Szs-XKJhWYAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-10 22:51:14 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 21:37:33 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.09 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 14:29:59 (7 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.08 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-07 13:44:47 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 16:48:59 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 20:30:19 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 02:15:03 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 209.250.232.120

🇵🇰 153.117.8.143

🇫🇮 147.185.133.69

🇰🇷 112.216.108.62

🇺🇸 98.127.109.103

🇩🇪 94.31.110.19

🇧🇪 34.78.26.73

🇹🇼 218.161.25.7

🇲🇾 183.171.191.175

🇰🇷 175.195.192.197

🇨🇦 99.245.20.104

🇺🇸 99.92.218.40

🇲🇩 185.162.141.34

🇦🇹 178.115.82.141

🇮🇳 122.164.127.47

🇮🇳 103.127.170.128

🇳🇱 45.87.249.200

🇬🇧 35.203.210.172

🇸🇦 5.245.153.9

🇨🇳 183.150.201.170