JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.51

104.207.49.51 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.51

Whois 104.207.49.51

IP Abuse Reports for 104.207.49.51:

This IP address has been reported a total of 143 times from 22 distinct sources. 104.207.49.51 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-03 11:02:39 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.49.51 (BR/Brazil/-): 1 in the last 360 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.49.51 (BR/Brazil/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2026-03-27 11:10:41 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:03:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:03:47.967143 2026] [security2:error] [pid 576470:tid 576470] [client 104.207.49.51:44837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otcda-ts.com"] [uri "/app/.git/config"] [unique_id "aZGoE5_hfxe6tljKGzp0PwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-15 11:01:20 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.51 (BR/Brazil/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.49.51 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:42:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:42:17.461818 2026] [security2:error] [pid 405919:tid 405935] [client 104.207.49.51:58589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opticaldesignconcepts.com"] [uri "/.env"] [unique_id "aZFqya-tSW-IIRHmX-CwmgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:24:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:24:50.213525 2026] [security2:error] [pid 8141:tid 8141] [client 104.207.49.51:36077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savoiapower.com"] [uri "/api/.env"] [unique_id "aZFYosv8qBYQNjSEUDdFZAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:18:24 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇪🇸 masterguru	2026-02-15 05:10:58 (3 months ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇺🇸 myagent.site	2026-02-15 04:28:37 (3 months ago)	Blocking for trying to access an exploit file: /dev/.git/config	Hacking
🇩🇪 big-cloud.nl	2026-02-15 04:28:26 (3 months ago)	Try to access /test/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:26:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:26:37.477815 2026] [security2:error] [pid 18847:tid 18847] [client 104.207.49.51:50247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "praiseworthy.info"] [uri "/app/.git/config"] [unique_id "aZFK_RUZ4wxlpVjZI4KI5wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:34:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:34:10.999601 2026] [security2:error] [pid 16146:tid 16146] [client 104.207.49.51:48723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nomanszone.org"] [uri "/admin/.git/config"] [unique_id "aZE-ssrQjvLtFhcdQc6ecQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:40 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:23:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:23:52.823327 2026] [security2:error] [pid 13009:tid 13009] [client 104.207.49.51:12453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pilates-slings.eu"] [uri "/.env"] [unique_id "aZEgKPWEpLFcyq2nm_jrBAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-15 01:11:47 (3 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.63.138.70

🇷🇺 128.1.43.230

🇮🇳 103.203.65.112

🇷🇺 81.30.196.70

🇱🇹 81.30.98.49

🇺🇸 75.7.111.205

🇺🇸 66.132.195.57

🇮🇩 36.68.124.48

🇳🇱 204.76.203.15

🇨🇳 183.233.85.194

🇰🇷 175.198.62.180

🇨🇳 123.179.80.12

🇮🇩 103.26.209.181

🇱🇧 91.240.82.20

🇧🇬 78.128.112.30

🇳🇱 35.204.132.185

🇬🇧 35.203.210.233

🇬🇧 35.203.210.128

🇵🇰 223.123.71.249

🇸🇬 198.55.112.17