JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.25

104.207.49.25 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.25

Whois 104.207.49.25

IP Abuse Reports for 104.207.49.25:

This IP address has been reported a total of 83 times from 16 distinct sources. 104.207.49.25 was first reported on June 7th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 oncord	2026-03-10 03:21:45 (2 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-09 21:48:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:48:11.941442 2026] [security2:error] [pid 13795:tid 13795] [client 104.207.49.25:38155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garyrankin.com"] [uri "/.env.save"] [unique_id "aYpWG0VzXRpB2HINoaeZMAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:20:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:20:35.087812 2026] [security2:error] [pid 27765:tid 27765] [client 104.207.49.25:35503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garanzuayrec.com"] [uri "/v2/.git/config"] [unique_id "aYpPoz4x-UAUZU94Vi0AvAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:58:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:58:37.865203 2026] [security2:error] [pid 22911:tid 22911] [client 104.207.49.25:11335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gandmaquatics.com"] [uri "/wp/.git/config"] [unique_id "aYpKfWTysbhwa_VO8nx6agAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 barbarella	2026-02-09 19:34:57 (3 months ago)	unsolicited access to Administrative pages (GET /admin/.env)	Hacking Web App Attack
🇺🇸 myagent.site	2026-02-09 18:26:01 (3 months ago)	Blocking for trying to access an exploit file: /site/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 12:44:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:44:00.381012 2026] [security2:error] [pid 1947:tid 1947] [client 104.207.49.25:56677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamerah.net"] [uri "/dev/.git/config"] [unique_id "aYnWkIXbfS9WmXD0Gt3QpgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:51:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:51:06.587678 2026] [security2:error] [pid 17380:tid 17380] [client 104.207.49.25:9437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gallodestinationservices.com"] [uri "/frontend/.env"] [unique_id "aYnKKtRFAdl9BcN1jHM_ZwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:56:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:56:01.920347 2026] [security2:error] [pid 14644:tid 14673] [client 104.207.49.25:40035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabegabel.com"] [uri "/site/.git/config"] [unique_id "aYmvMZvgdOJajVBScIMi7AAAANI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:30:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:30:01.213831 2026] [security2:error] [pid 23182:tid 23182] [client 104.207.49.25:9717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fulltime-life.com"] [uri "/api/.env"] [unique_id "aYmpGZK8q-5d_PaBPdIGcgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 06:14:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 01:14:16.854400 2026] [security2:error] [pid 6276:tid 6276] [client 104.207.49.25:17591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furballproductions.org"] [uri "/.env.production"] [unique_id "aYl7OIk55GVhzMAzvrng8wAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 ALPHANET	2025-12-30 11:27:49 (5 months ago)	web exploits	Hacking Exploited Host Web App Attack
Anonymous	2025-12-30 08:26:55 (5 months ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:13 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 04:27:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:27:36.926118 2025] [security2:error] [pid 20289:tid 20289] [client 104.207.49.25:51211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "couturebikini.com"] [uri "/.git/HEAD"] [unique_id "aVIDOIlNWzMfJ7wj4jQCsgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 146.70.40.68

🇷🇺 141.105.68.213

🇨🇳 111.225.148.149

🇳🇱 195.178.110.30

🇸🇬 159.65.2.17

🇺🇸 144.91.242.98

🇮🇩 103.166.10.244

🇮🇩 103.160.41.7

🇰🇪 41.90.100.147

🇰🇷 211.228.217.178

🇧🇪 198.235.24.230

🇫🇷 185.2.103.46

🇭🇰 156.238.246.197

🇫🇮 147.185.133.235

🇦🇪 139.185.55.154

🇻🇳 115.79.143.175

🇹🇳 41.62.198.76

🇺🇸 35.235.127.243

🇬🇧 35.203.210.146

🇦🇺 34.129.255.217