JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.48

104.207.39.48 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.48

Whois 104.207.39.48

IP Abuse Reports for 104.207.39.48:

This IP address has been reported a total of 164 times from 24 distinct sources. 104.207.39.48 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-05-27 18:06:53 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇲🇹 Malta	2026-05-23 15:30:16 (1 month ago)	104.207.39.48 - - [23/May/2026:17:30:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubun ... show more 104.207.39.48 - - [23/May/2026:17:30:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇧 PeravixGroup	2026-05-22 13:15:06 (1 month ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇨🇳 ThreatBook.io	2026-04-13 00:12:06 (2 months ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/104.207.39.48 2026- ... show more ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/104.207.39.48 2026-04-12 17:55:26 /fang/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:39:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:39:15.704407 2026] [security2:error] [pid 359837:tid 359837] [client 104.207.39.48:16841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsenaultartistmanagement.com"] [uri "/test/.git/config"] [unique_id "aY09U01TSZ_KFXpIk60rZgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:05:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:05:09.309094 2026] [security2:error] [pid 12745:tid 12766] [client 104.207.39.48:45777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.click"] [uri "/v2/.git/config"] [unique_id "aYqgZSzFaBOFmlrgLfF5XwAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Holger	2026-02-10 02:29:56 (4 months ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:00:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:00:34.317082 2026] [security2:error] [pid 7474:tid 7474] [client 104.207.39.48:37605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humbliaslaw.com"] [uri "/.env"] [unique_id "aYqDMiniSIUf49VlHHrbVQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:52:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:52:17.119730 2026] [security2:error] [pid 1570:tid 1601] [client 104.207.39.48:12913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howardhallis.com"] [uri "/.env.production"] [unique_id "aYplIXeVpx3S5SN-NSqdQgAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:54:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:53:56.767943 2026] [security2:error] [pid 23422:tid 23422] [client 104.207.39.48:47597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "katabigrock.net"] [uri "/wp/.git/config"] [unique_id "aYpXdK9He1WSJKaEg-8D5AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:20:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:20:43.390582 2026] [security2:error] [pid 3760:tid 3760] [client 104.207.39.48:23841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horseillustration.com"] [uri "/site/.git/config"] [unique_id "aYpPq4NHikqCJ22N51Ql8wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:28 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2026-01-16 14:35:52 (5 months ago)	wordpress-trap	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-07 01:04:11 (5 months ago)	WP Login Scan Activities	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:55 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.122

🇬🇧 193.32.209.233

🇨🇳 171.213.243.214

🇺🇸 162.216.150.23

🇺🇸 147.185.132.114

🇿🇦 147.136.65.174

🇯🇵 139.162.116.22

🇬🇧 134.209.30.93

🇮🇩 103.162.113.250

🇵🇱 95.214.55.186

🇩🇪 79.222.18.214

🇺🇸 47.251.34.170

🇺🇸 40.124.184.7

🇨🇳 222.222.158.37

🇺🇸 216.25.89.80

🇺🇸 209.141.34.44

🇺🇸 185.191.171.12

🇵🇱 166.88.69.197

🇩🇪 164.90.172.242

🇳🇱 91.92.40.34