JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.49.92

104.207.49.92 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.49.92

Whois 104.207.49.92

IP Abuse Reports for 104.207.49.92:

This IP address has been reported a total of 130 times from 14 distinct sources. 104.207.49.92 was first reported on June 11th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-02 21:55:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 16:55:50.865272 2026] [security2:error] [pid 24497:tid 24497] [client 104.207.49.92:41665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ble.zunosaki.com"] [uri "/.svn/wc.db"] [unique_id "aVg-5jWSuGU_yMzMajCYWgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-02 19:40:31 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 14:40:25.540163 2026] [security2:error] [pid 29568:tid 29568] [client 104.207.49.92:48891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chatsupply.us"] [uri "/.env"] [unique_id "aVgfKbyxTRJZtdVMaHwWAwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2025-12-30 23:41:41 (5 months ago)	Blocked by UFW (TCP on 80) Source port: 37345 TTL: 54 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 37345 TTL: 54 Packet length: 60 TOS: 0x00 This report (for 104.207.49.92) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇦🇱 router.al	2025-12-30 21:04:19 (5 months ago)	12/30/2025-21:04:19.452137 104.207.49.92 Protocol: 6 GPL WEB_SERVER 403 Forbidden	Port Scan
🇺🇸 TPI-Abuse	2025-12-29 05:06:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:06:05.004705 2025] [security2:error] [pid 23602:tid 23602] [client 104.207.49.92:29851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerallenyim.com"] [uri "/.git/HEAD"] [unique_id "aVIMPTWdOVwF8wk31_J1wwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:11:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:11:50.107052 2025] [security2:error] [pid 3581:tid 3581] [client 104.207.49.92:9885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hillsboroughcountyresident.com"] [uri "/.svn/wc.db"] [unique_id "aVH_hoHlfqIEdw0LPQWnEwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇳🇱 homeshowdomain.nl	2025-11-25 23:04:22 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 03:20:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:19:54.433805 2025] [security2:error] [pid 12340:tid 12340] [client 104.207.49.92:47769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gslministries.com"] [uri "/.git/HEAD"] [unique_id "aSUgWjYiiO13ryMFNannbwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:19:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:19:28.414886 2025] [security2:error] [pid 24380:tid 24380] [client 104.207.49.92:18223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.fitz-studios.com"] [uri "/.svn/wc.db"] [unique_id "aSUEII0qSuGIB_DB_72RWAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:19:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:19:10.490099 2025] [security2:error] [pid 11054:tid 11054] [client 104.207.49.92:29043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tttns.com"] [uri "/.git/HEAD"] [unique_id "aSQjDvVnKuRFpPWvgExIsAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:42:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:42:40.747897 2025] [security2:error] [pid 28324:tid 28324] [client 104.207.49.92:59089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "athenaanderson.andrsn.com"] [uri "/.svn/wc.db"] [unique_id "aSPwUO6MSsUNM8wRB4YmmAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:03:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:03:01.389685 2025] [security2:error] [pid 859:tid 859] [client 104.207.49.92:16635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.prodivediving.com"] [uri "/.git/HEAD"] [unique_id "aSPnBXcxSBafDWh2qpXA8wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:22:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.49.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:22:31.447232 2025] [security2:error] [pid 30168:tid 30168] [client 104.207.49.92:49121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lesdaniels.com"] [uri "/.git/HEAD"] [unique_id "aSPdh7SfTeres1wHs9on1gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Phenix Info	2025-10-20 06:55:25 (7 months ago)	SmallGuard.fr/Prestashop SSH Login failded	Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.0.56.30

🇸🇦 79.72.3.119

🇺🇸 2602:fb54:1400::120

🇮🇳 154.84.242.115

🇳🇱 82.196.0.207

🇳🇱 80.82.77.33

🇺🇸 47.251.48.155

🇳🇱 45.148.10.151

🇩🇪 45.86.202.232

🇩🇪 217.234.92.249

🇧🇷 205.210.31.173

🇳🇱 185.136.15.110

🇺🇸 178.128.185.29

🇺🇸 172.191.239.155

🇭🇰 165.154.92.172

🇭🇰 165.154.1.18

🇺🇸 159.89.228.57

🇨🇳 144.123.76.248

🇭🇰 101.36.116.204

🇫🇷 79.137.104.160