JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.8

104.207.49.8 was found in our database!

This IP was reported 98 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.8

Whois 104.207.49.8

IP Abuse Reports for 104.207.49.8:

This IP address has been reported a total of 98 times from 26 distinct sources. 104.207.49.8 was first reported on June 11th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-05-27 13:34:05 (1 week ago)	Wordfence waf block on registrymatters	Web App Attack
🇧🇪 cmbplf	2026-03-12 22:48:39 (2 months ago)	1.400 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇳🇱 jjnxpct	2026-02-19 04:50:31 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /v2/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-02-18 03:47:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:47:39.402458 2026] [security2:error] [pid 3485:tid 3507] [client 104.207.49.8:42657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertbellamy.com"] [uri "/wp/.git/config"] [unique_id "aZU2W30HEozRRO51JQcXAgAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 03:14:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:14:35.595760 2026] [security2:error] [pid 8265:tid 8265] [client 104.207.49.8:44875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardnash.com"] [uri "/v2/.git/config"] [unique_id "aZUum4U5mHhT6nkrbiWVOAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:51 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 06:08:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:08:20.833012 2025] [security2:error] [pid 28953:tid 28953] [client 104.207.49.8:49913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.healthpointphysicians.co"] [uri "/.svn/wc.db"] [unique_id "aSVH1IDk22W27kkjGNdInQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:23:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:22:52.259736 2025] [security2:error] [pid 7035:tid 7035] [client 104.207.49.8:14143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.daterapebooks.com"] [uri "/.svn/wc.db"] [unique_id "aSQHzGkmYfu6BHysA5xsIAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:25:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:25:17.025895 2025] [security2:error] [pid 28223:tid 28223] [client 104.207.49.8:58747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bigbikers.net"] [uri "/.git/HEAD"] [unique_id "aSPsPVEUWmZ8_3vKjNt9vQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:42.240108 2025] [security2:error] [pid 3476:tid 3476] [client 104.207.49.8:24385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.grupoimaginarte.com"] [uri "/.env"] [unique_id "aSPbdj7zs87UFcYg7ySMmwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:03:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:03:23.851716 2025] [security2:error] [pid 15977:tid 15977] [client 104.207.49.8:21237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.interiorsolutions-stuart.com"] [uri "/.env"] [unique_id "aSPK-2dEEusPE5CYRkiE4QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 AWW-Admin	2025-10-16 16:15:22 (7 months ago)	(wordpress) Failed wordpress login from 104.207.49.8 (BR/Brazil/-)	Brute-Force
Anonymous	2025-04-06 18:03:13 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 17:33:37 (1 year ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 21:16:48 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 98 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.23.95.14

🇬🇧 193.32.209.246

🇦🇪 2.50.136.122

🇬🇧 193.32.209.243

🇩🇪 172.71.148.131

🇺🇸 147.185.132.105

🇧🇷 128.201.9.152

🇨🇳 58.212.237.185

🇭🇰 23.249.28.115

🇺🇸 2a02:4780:b:846:0:3268:dd26:9

🇧🇷 177.85.112.234

🇺🇸 172.93.102.236

🇨🇳 106.75.144.37

🇳🇱 93.123.72.166

🇮🇱 84.110.163.50

🇳🇱 45.148.10.147

🇳🇱 43.250.54.196

🇺🇦 195.64.231.172

🇸🇬 190.92.211.145

🇨🇳 180.127.144.43