JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.106

104.207.48.106 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.106

Whois 104.207.48.106

IP Abuse Reports for 104.207.48.106:

This IP address has been reported a total of 139 times from 19 distinct sources. 104.207.48.106 was first reported on June 4th 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-10 04:57:30 (4 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 ELYAZ	2026-06-09 20:35:12 (12 hours ago)	(y4) Failed scan -byebye- from 104.207.48.106 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇺🇸 TPI-Abuse	2025-11-27 22:30:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:30:27.588502 2025] [security2:error] [pid 8188:tid 8188] [client 104.207.48.106:48689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "integrabroadcast.com"] [uri "/.git/HEAD"] [unique_id "aSjRAzukSqJ_rd8-XMcp0gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-11-25 20:05:53 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇫🇮 Shaik Sai Meera	2025-11-25 18:55:16 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 05:28:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:58.517698 2025] [security2:error] [pid 7331:tid 7331] [client 104.207.48.106:32759] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cultureshockmedia.com"] [uri "/.env"] [unique_id "aSU-Xiw1B4R9kRt6JzuhGwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:29:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:29:38.907357 2025] [security2:error] [pid 29647:tid 29647] [client 104.207.48.106:52725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.livegoodherbs.com"] [uri "/.svn/wc.db"] [unique_id "aSUwssuPnOGmtXZcP4RDJwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:01:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:01:27.180395 2025] [security2:error] [pid 19533:tid 19533] [client 104.207.48.106:45747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ik3co.com"] [uri "/.git/HEAD"] [unique_id "aSUqF1khkyVQ3zCcm2WBeQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:00:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:00:43.436719 2025] [security2:error] [pid 23824:tid 23824] [client 104.207.48.106:41999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.swaincustomdesigns.com"] [uri "/.env"] [unique_id "aSUb20UUEzfWA3QWPKiZ0gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:17:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:17:22.649175 2025] [security2:error] [pid 10150:tid 10150] [client 104.207.48.106:57511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.robobs.com.nixonpublishing.com"] [uri "/.svn/wc.db"] [unique_id "aSUDokRfjwztMo8N7lniQQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:11:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:11:08.569868 2025] [security2:error] [pid 6027:tid 6027] [client 104.207.48.106:20911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.modele18.com"] [uri "/.env"] [unique_id "aST0HBBfvvghwfQnvwF4fQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2025-11-01 10:40:04 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-30 14:22:38 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 Marc	2025-10-29 20:07:26 (7 months ago)		Brute-Force
Anonymous	2025-10-11 04:55:39 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.11 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 152.232.65.12

🇩🇪 8.209.102.92

🇺🇸 168.100.149.128

🇷🇺 138.124.69.99

🇨🇦 130.107.144.141

🇺🇸 107.173.177.133

🇺🇸 107.150.96.39

🇮🇳 106.51.92.114

🇧🇬 94.26.56.190

🇬🇧 92.27.101.99

🇭🇰 47.243.143.216

🇧🇷 45.205.1.240

🇺🇸 18.190.15.50

🇺🇸 172.217.36.81

🇪🇸 172.110.219.251

🇺🇸 168.100.149.219

🇨🇳 123.178.210.56

🇨🇦 85.217.149.30

🇫🇷 83.171.226.124

🇺🇸 64.94.159.240