JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.111

104.207.48.111 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.111

Whois 104.207.48.111

IP Abuse Reports for 104.207.48.111:

This IP address has been reported a total of 130 times from 13 distinct sources. 104.207.48.111 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-12 04:03:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:02:55.176255 2026] [security2:error] [pid 16388:tid 16388] [client 104.207.48.111:42793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arteseros.com"] [uri "/app/.env"] [unique_id "aY1Q77CgwXY1tAY_VCeEnAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 20:50:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:50:09.778525 2026] [security2:error] [pid 887476:tid 887476] [client 104.207.48.111:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ard.global"] [uri "/v2/.git/config"] [unique_id "aYzrgWTPiSiC5UNOLgnnlAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 17:12:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:12:37.075287 2026] [security2:error] [pid 20225:tid 20225] [client 104.207.48.111:26937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquatech-ind.com"] [uri "/.env"] [unique_id "aYy4hZJ2DJLCiyshFeV4agAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:31:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:31:35.109225 2026] [security2:error] [pid 30104:tid 30104] [client 104.207.48.111:10573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10besthotels.com"] [uri "/admin/.env"] [unique_id "aYtPV_BxETBbZ9onyL7dSAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:31:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:31:45.378372 2026] [security2:error] [pid 14237:tid 14237] [client 104.207.48.111:20553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirstengoldberg.com"] [uri "/dev/.git/config"] [unique_id "aYqmoW92O0OW4dCCG05_ZgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:07:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:07:01.565431 2026] [security2:error] [pid 11408:tid 11408] [client 104.207.48.111:55767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingstoneproperties.com"] [uri "/new/.git/config"] [unique_id "aYqg1Utldsv_xKBHwPhOTQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:22:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:22:53.448462 2026] [security2:error] [pid 13231:tid 13235] [client 104.207.48.111:53383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimbleproperties.com"] [uri "/.env.production"] [unique_id "aYqWfQoQP8esBx9Kr0f7uQAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:35:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:35:13.844994 2026] [security2:error] [pid 7986:tid 7986] [client 104.207.48.111:58351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinjewell.com"] [uri "/config/.env"] [unique_id "aYp9QcTy9WFBdg3iV00IoAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:43:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:43:44.664922 2026] [security2:error] [pid 10875:tid 10875] [client 104.207.48.111:26091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelvinlouie.com"] [uri "/admin/.git/config"] [unique_id "aYpxMOojciMhmc53dW43tQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:12:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:12:32.360897 2026] [security2:error] [pid 2516:tid 2516] [client 104.207.48.111:53721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karieva.com"] [uri "/.env.staging"] [unique_id "aYpNwMZ5AGIMFufu_Qg4XwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:30:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:29:58.767163 2026] [security2:error] [pid 17273:tid 17273] [client 104.207.48.111:45999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holtzheimer.net"] [uri "/new/.git/config"] [unique_id "aYo1thKHYgHgnBq8N4YsAAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-29 09:02:33 (4 months ago)	wordpress-trap	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:36:10 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇩🇪 ps-center	2025-10-25 16:48:16 (7 months ago)	SES-W: TCP-Scanner. Port: 22	Port Scan
🇳🇱 EGP Abuse Dept	2025-10-18 03:19:35 (7 months ago)	Unauthorized connection to SSH port 22	Port Scan Hacking SSH

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 195.63.17.235

🇧🇷 138.185.23.99

🇧🇬 78.128.114.102

🇨🇭 34.158.17.198

🇷🇴 2.57.122.238

🇫🇷 2a09:bac1:2780:f0::40e:37

🇨🇳 221.5.46.140

🇭🇰 119.28.215.54

🇰🇬 95.87.93.158

🇬🇧 45.82.76.121

🇺🇸 45.33.94.76

🇻🇳 14.191.162.187

🇮🇳 217.216.59.228

🇧🇷 200.115.102.117

🇺🇸 124.198.131.39

🇳🇱 45.198.224.13

🇳🇱 45.148.10.157

🇪🇸 34.175.146.41

🇺🇸 18.190.15.50

🇩🇪 213.209.159.235