JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.26

104.207.49.26 was found in our database!

This IP was reported 168 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.26

Whois 104.207.49.26

IP Abuse Reports for 104.207.49.26:

This IP address has been reported a total of 168 times from 22 distinct sources. 104.207.49.26 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-23 15:04:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 10:04:26.961430 2026] [security2:error] [pid 17356:tid 17356] [client 104.207.49.26:17651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steamboatrowena.com.virginiabeachlovebird.com"] [uri "/.git/config"] [unique_id "aZxseo3xnWkuFekmlKmxQAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:09:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:09:30.958713 2026] [security2:error] [pid 24167:tid 24167] [client 104.207.49.26:56397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menafert.com"] [uri "/app/.git/config"] [unique_id "aY7cOv5NQ1JXs0k4eVXrYAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:35:21 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.26 (BR/Brazil/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.26 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:37:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:37:15.930589 2026] [security2:error] [pid 17648:tid 17648] [client 104.207.49.26:18291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marilynmonroebook.com"] [uri "/api/.env"] [unique_id "aY6ca0H6yPoZPYKveHkCUQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:21:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:21:43.964551 2026] [security2:error] [pid 18260:tid 18260] [client 104.207.49.26:53409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marcosbarraza.net"] [uri "/api/.git/config"] [unique_id "aY6Yx-uciYa3kiYYx0TFDgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:44:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:44:28.295747 2026] [security2:error] [pid 2055906:tid 2055906] [client 104.207.49.26:11639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mainefirst.org"] [uri "/.env"] [unique_id "aY6B_POgq_MtrHj_bfOiPgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 01:05:33 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:48:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:48:03.751121 2026] [security2:error] [pid 5179:tid 5179] [client 104.207.49.26:46431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "copiersdurham.com"] [uri "/.env"] [unique_id "aY4EQ4A5kBnG5SHq7vx26QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-12 00:35:10 (3 months ago)	104.207.49.26 - - [12/Feb/2026:00:35:10 +0000] "GET /.env.save HTTP/1.1" 302 3409 "-" "Mozilla/5.0 ( ... show more 104.207.49.26 - - [12/Feb/2026:00:35:10 +0000] "GET /.env.save HTTP/1.1" 302 3409 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:23:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:23:17.058063 2026] [security2:error] [pid 14130:tid 14193] [client 104.207.49.26:43095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arizonasolutionsgroup.com"] [uri "/app/.git/config"] [unique_id "aY0PZT56FJlaLu3_3qItSAAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 04:31:18 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 16:15:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:15:19.337827 2026] [security2:error] [pid 19354:tid 19354] [client 104.207.49.26:58485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antoniocobo.com"] [uri "/config/.env"] [unique_id "aYtZlzYKIZX9Q6iz6ClpnAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:38:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:37:56.878127 2026] [security2:error] [pid 12745:tid 12766] [client 104.207.49.26:55313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koalacogs.com"] [uri "/app/.git/config"] [unique_id "aYrENCzFaBOFmlrgLfF_cAAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:38:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:38:03.201266 2026] [security2:error] [pid 26803:tid 26803] [client 104.207.49.26:14701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibcountn.com"] [uri "/admin/.env"] [unique_id "aYqoG5hNAsON1OK0hlCzjAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:11:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:11:47.150780 2026] [security2:error] [pid 24793:tid 24793] [client 104.207.49.26:26885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnaird.enterprises"] [uri "/.git/config"] [unique_id "aYqh82VhyBi1ofrP6pZs1wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 168 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 202.70.139.60

🇬🇧 185.216.145.175

🇧🇩 103.179.25.99

🇰🇷 59.21.37.60

🇧🇪 34.34.165.33

🇺🇸 17.132.72.5

🇳🇱 213.177.179.146

🇬🇧 195.96.139.58

🇺🇦 194.44.26.46

🇬🇧 185.247.137.69

🇺🇸 164.90.151.212

🇷🇺 91.211.236.106

🇺🇸 47.251.86.173

🇱🇹 45.227.254.170

🇷🇴 2.57.121.112

🇬🇧 195.96.139.55

🇬🇧 195.96.139.46

🇺🇸 162.216.150.229

🇺🇸 162.216.149.208

🇺🇸 147.185.132.174