JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.6

104.207.49.6 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.6

Whois 104.207.49.6

IP Abuse Reports for 104.207.49.6:

This IP address has been reported a total of 83 times from 11 distinct sources. 104.207.49.6 was first reported on July 3rd 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-19 21:10:20 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 16:10:14.023890 2026] [security2:error] [pid 10252:tid 10252] [client 104.207.49.6:42507] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|secure-rep.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "secure-rep.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZd8Nhw8BatT_AWHYpjxpgAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 01:50:14 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 20:50:07.795646 2025] [security2:error] [pid 18996:tid 18996] [client 104.207.49.6:57917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lidarthur.com"] [uri "/.env"] [unique_id "aTojT5_Gx_cpe80iyf8GCgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 05:33:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 00:33:07.802825 2025] [security2:error] [pid 2104:tid 2104] [client 104.207.49.6:43571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lapapevip.com"] [uri "/.svn/wc.db"] [unique_id "aTe0k9I3q5W-rtUXFHhexgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 02:37:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 21:37:47.762250 2025] [security2:error] [pid 28575:tid 28575] [client 104.207.49.6:33757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buenasfrecuencias.com"] [uri "/.env"] [unique_id "aTY5-1NGMfbrtkHukS2NBQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-07 22:59:48 (6 months ago)	Auto-ban: >3000 req/min op 2025-12-07	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-05 16:13:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:13:30.466098 2025] [security2:error] [pid 17462:tid 17462] [client 104.207.49.6:15229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "instepdogobedience.com"] [uri "/.env"] [unique_id "aTMEqhYKptdalKsE9PRvlgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:35:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:35:29.004954 2025] [security2:error] [pid 22172:tid 22172] [client 104.207.49.6:11007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greetingcardspersonalized.com"] [uri "/.git/HEAD"] [unique_id "aTLfodIfZ3aOSZsoj0608wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-05 12:25:02 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:36:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:36:25.388237 2025] [security2:error] [pid 6239:tid 6239] [client 104.207.49.6:34305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ankitoner.com"] [uri "/.svn/wc.db"] [unique_id "aTLDueAJ4FSeJz-x7VFvtwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:45:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:45:44.618010 2025] [security2:error] [pid 4599:tid 4599] [client 104.207.49.6:36077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accordionfactory.com"] [uri "/.git/HEAD"] [unique_id "aTK32Ld5p-MkfUc6-KK5nQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:40:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:40:28.227240 2025] [security2:error] [pid 5498:tid 5521] [client 104.207.49.6:55711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chaoticperception.com"] [uri "/.git/HEAD"] [unique_id "aTJGHG7X3fCXD5Yl2i56RAAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:50:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:50:07.500517 2025] [security2:error] [pid 8020:tid 8024] [client 104.207.49.6:59213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "retrieversocal.com"] [uri "/.git/HEAD"] [unique_id "aTI6T5sJP7QP_uYcdsa37wAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:52:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:52:09.411315 2025] [security2:error] [pid 27827:tid 27827] [client 104.207.49.6:23151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neonmotel.com"] [uri "/.git/HEAD"] [unique_id "aTIsuTez90Y5WK9EIhMuBwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 16:03:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 11:03:48.382823 2025] [security2:error] [pid 14532:tid 14532] [client 104.207.49.6:53821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "themadwriter.us"] [uri "/.git/HEAD"] [unique_id "aTGw5NM6Ko2kYvt0ifs_BwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 22:01:05 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.117.105.178

🇸🇪 81.170.248.221

🇺🇸 2602:80d:1008::69

🇵🇰 2400:adc1:1e5:5800:b8d3:9c62:fc09:4760

🇺🇸 172.93.212.221

🇨🇳 171.36.6.232

🇺🇸 167.71.97.29

🇺🇸 96.127.152.236

🇺🇸 38.96.178.220

🇩🇪 34.159.21.13

🇧🇷 20.226.119.201

🇭🇰 8.218.59.157

🇨🇳 1.24.16.245

🇵🇰 182.180.154.234

🇺🇸 157.245.240.49

🇨🇭 104.244.74.201

🇸🇪 82.209.191.11

🇨🇳 60.184.227.182

🇩🇪 34.159.98.194

🇬🇧 31.14.254.15