JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.76

104.207.49.76 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.76

Whois 104.207.49.76

IP Abuse Reports for 104.207.49.76:

This IP address has been reported a total of 127 times from 14 distinct sources. 104.207.49.76 was first reported on June 22nd 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 2000cn.com.au	2026-02-11 21:04:50 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:00 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 22:10:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:10:51.569479 2026] [security2:error] [pid 6142:tid 6142] [client 104.207.49.76:14589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianstomp.com"] [uri "/api/.git/config"] [unique_id "aYus65qJzjfRitdSPuiZFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-10 15:33:08 (3 months ago)	104.207.49.76 - - [10/Feb/2026:16:33:07 +0100] "GET /site/.git/config HTTP/1.1" 301 3366 "-" "Mozill ... show more 104.207.49.76 - - [10/Feb/2026:16:33:07 +0100] "GET /site/.git/config HTTP/1.1" 301 3366 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:11:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:11:37.396066 2026] [security2:error] [pid 22664:tid 22664] [client 104.207.49.76:55945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthraxbook.com"] [uri "/v2/.git/config"] [unique_id "aYtKqYGQYVZxhBBnTsEIOwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:28:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:28:31.186189 2026] [security2:error] [pid 8295:tid 8295] [client 104.207.49.76:49529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iktonline.org"] [uri "/site/.git/config"] [unique_id "aYrQD_ki8ufvKmG32nuyvQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:43:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:43:46.224603 2026] [security2:error] [pid 6360:tid 6360] [client 104.207.49.76:19761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kochcreative.com"] [uri "/wp/.git/config"] [unique_id "aYrFkrzM7BExRTUPHlw3ewAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:12:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:12:03.023177 2026] [security2:error] [pid 25057:tid 25066] [client 104.207.49.76:30411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idwic.com"] [uri "/.env.save"] [unique_id "aYq-I9x5JYPt7AJhJMhwFQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:47:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:47:25.613441 2026] [security2:error] [pid 2618302:tid 2618302] [client 104.207.49.76:34175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/.env.local"] [unique_id "aYqAHfQY21IzSNC4GKjK_QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:00:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:59:58.018679 2026] [security2:error] [pid 18178:tid 18178] [client 104.207.49.76:63055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kennythompson.com"] [uri "/new/.git/config"] [unique_id "aYp0_rFesTyNpi85hYmINAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:48:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:48:39.122776 2026] [security2:error] [pid 3856:tid 3856] [client 104.207.49.76:22279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "houstoun.me"] [uri "/backup/.git/config"] [unique_id "aYpkR7TPugGorw8pEcffUAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:13 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-27 22:31:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:31:08.433711 2025] [security2:error] [pid 12869:tid 12869] [client 104.207.49.76:51273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intrinsicdiscovery.com"] [uri "/.svn/wc.db"] [unique_id "aSjRLO6_GfGmM1QWAjuXSgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-27 19:11:25 (6 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇳🇱 EGP Abuse Dept	2025-10-26 06:34:54 (7 months ago)	Unauthorized connection to SSH port 22	Port Scan Hacking SSH

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 219.92.8.252

🇦🇷 170.79.19.252

🇺🇸 35.237.144.76

🇬🇧 193.32.209.240

🇰🇷 175.198.18.3

🇵🇰 154.208.43.175

🇺🇸 23.95.20.168

🇮🇹 217.26.179.5

🇺🇸 209.90.232.249

🇺🇸 147.185.132.169

🇱🇹 62.60.130.31

🇳🇱 45.148.10.147

🇦🇺 45.133.6.13

🇬🇧 31.14.254.80

🇧🇷 190.89.136.183

🇦🇷 190.83.65.139

🇵🇾 181.103.2.67

🇮🇳 152.52.244.18

🇩🇪 91.92.240.42

🇨🇳 1.94.214.157