JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.255

104.207.49.255 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.255

Whois 104.207.49.255

IP Abuse Reports for 104.207.49.255:

This IP address has been reported a total of 126 times from 20 distinct sources. 104.207.49.255 was first reported on June 7th 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-21 15:16:06 (3 hours ago)	Wordfence waf block on parsol	Web App Attack
🇫🇷 ELYAZ	2026-06-19 14:42:53 (2 days ago)	(y4) Failed scan -byebye- from 104.207.49.255 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-16 22:58:23 (4 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.49.255: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.49.255: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 17 01:58:20.514183 2026] [security2:error] [pid 2210175:tid 2210218] [client 104.207.49.255:21313] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "ajHVDH9oGssBgNwsPFsliAAAAEI"], referer: https://asteriassantorini.com/wp-login.php show less	Port Scan
🇫🇷 pm33	2026-06-16 17:39:33 (5 days ago)	Wordpress login attempts	Brute-Force
🇲🇹 Malta	2026-06-15 06:17:09 (6 days ago)	104.207.49.255 - - [15/Jun/2026:08:17:09 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 104.207.49.255 - - [15/Jun/2026:08:17:09 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" show less	Hacking Web App Attack VPN IP
🇬🇷 setupgr	2026-06-12 07:08:26 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.49.255: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.49.255: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 10:08:26.398827 2026] [security2:error] [pid 104061:tid 104265] [client 104.207.49.255:21355] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: gyrosplace.gr"] [severity "CRITICAL"] [tag "security"] [hostname "gyrosplace.gr"] [uri "/wp-login.php"] [unique_id "aiuwatP1SVBHlBuGp5eEewAAAM8"], referer: https://gyrosplace.gr/wp-login.php show less	Port Scan
🇺🇸 integrantservices.com	2026-02-20 12:38:02 (4 months ago)	(wordpress) Failed wordpress login from 104.207.49.255 (BR/Brazil/-)	Brute-Force
🇪🇸 librebit	2026-02-07 00:26:37 (4 months ago)	Brute force	Brute-Force
🇪🇸 10dencehispahard SL	2026-01-23 07:34:09 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-01 19:02:51 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-11-28 05:43:35 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-25 06:20:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:20:23.491936 2025] [security2:error] [pid 31255:tid 31255] [client 104.207.49.255:44003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wintercypher.com"] [uri "/.env"] [unique_id "aSVKp9gnrDo46URt7P3kSAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:18:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.255 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.255 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:18:23.463415 2025] [security2:error] [pid 1376:tid 1376] [client 104.207.49.255:37901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "democratorrepublican.us"] [uri "/.git/HEAD"] [unique_id "aSUf_3QkqpOQ5szqmNGX2gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 agenciahypelab.com.br	2025-11-02 05:05:56 (7 months ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
Anonymous	2025-04-07 13:29:14 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.155

🇵🇰 182.190.216.141

🇧🇷 179.51.151.188

🇳🇱 176.65.139.248

🇺🇸 137.184.112.192

🇮🇳 117.241.75.221

🇰🇷 115.140.161.61

🇳🇱 45.148.10.244

🇷🇴 2.57.121.112

🇮🇳 182.95.233.86

🇻🇳 180.93.245.203

🇧🇷 45.205.1.5

🇧🇷 45.164.251.106

🇺🇸 216.180.246.95

🇺🇸 216.180.246.77

🇺🇸 205.210.31.23

🇩🇪 193.124.20.251

🇨🇳 180.125.231.80

🇺🇸 166.239.184.117

🇻🇳 165.154.137.186