JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.90

104.207.49.90 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.90

Whois 104.207.49.90

IP Abuse Reports for 104.207.49.90:

This IP address has been reported a total of 153 times from 23 distinct sources. 104.207.49.90 was first reported on June 6th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 SiliSoftware	2026-06-02 22:14:55 (2 days ago)	/wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings	Web App Attack
🇮🇹 [email protected]	2026-05-24 19:21:02 (1 week ago)	104.207.49.90 - - [24/May/2026:15:24:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5061 "-" "Wget/1.21.4 ... show more 104.207.49.90 - - [24/May/2026:15:24:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5061 "-" "Wget/1.21.4" show less	Brute-Force Web App Attack
🇮🇹 [email protected]	2026-05-24 13:24:42 (1 week ago)	[Sun May 24 15:24:42.144182 2026] [authz_core:error] [pid 1465887:tid 1466002] [client 104.207.49.90 ... show more [Sun May 24 15:24:42.144182 2026] [authz_core:error] [pid 1465887:tid 1466002] [client 104.207.49.90:52229] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/xmlrpc.php show less	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 22:59:55 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 05:04:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:04:36.464341 2026] [security2:error] [pid 24756:tid 24756] [client 104.207.49.90:47651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmp.net"] [uri "/backend/.env"] [unique_id "aYq8ZPbagTiV85MNJlPtuwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:26:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:26:36.126060 2026] [security2:error] [pid 8545:tid 8545] [client 104.207.49.90:36415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ianadolphus.com"] [uri "/v2/.git/config"] [unique_id "aYqlbIsxq4Cum45n7F7FcgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:56:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:56:05.602336 2026] [security2:error] [pid 5134:tid 5134] [client 104.207.49.90:59905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingfishbets.com"] [uri "/backup/.git/config"] [unique_id "aYqeRcpKMegyNiSJNs26fgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:15:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:14:55.562505 2026] [security2:error] [pid 24842:tid 24842] [client 104.207.49.90:49619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kildarafarms.com"] [uri "/app/.git/config"] [unique_id "aYqUnyex2TiwUHzWIqxZOwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:02:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:02:00.619609 2026] [security2:error] [pid 15506:tid 15506] [client 104.207.49.90:34305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdarmsta.com"] [uri "/new/.git/config"] [unique_id "aYpnaJu_4TroNncc05P-awAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:45:37 (3 months ago)	Blocking for trying to access an exploit file: /new/.git/config	Hacking
Anonymous	2025-12-31 13:05:33 (5 months ago)	wordpress-trap	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:47 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 rh24	2025-10-27 13:06:37 (7 months ago)	104.207.49.90 (BR/Brazil/-), 7 distributed sshd attacks on account [redacted]	Brute-Force SSH
Anonymous	2025-10-26 11:26:04 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-25 08:40:54 (7 months ago)	wordpress-trap	Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 222.252.105.77

🇸🇬 194.5.82.87

🇷🇺 147.45.48.17

🇿🇦 102.129.62.101

🇸🇪 88.129.165.39

🇺🇸 63.135.161.90

🇺🇸 44.208.226.63

🇲🇲 204.157.172.110

🇩🇪 185.220.100.255

🇳🇱 176.65.139.254

🇺🇸 157.55.39.14

🇪🇸 104.250.217.209

🇻🇳 103.200.25.198

🇸🇪 90.231.80.167

🇺🇸 63.135.161.106

🇺🇸 63.135.161.99

🇧🇩 103.122.206.130

🇷🇺 79.139.154.214

🇺🇸 63.141.245.242

🇨🇳 36.32.200.25