JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.113

104.207.48.113 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 24%: ?

24%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.113

Whois 104.207.48.113

IP Abuse Reports for 104.207.48.113:

This IP address has been reported a total of 164 times from 28 distinct sources. 104.207.48.113 was first reported on June 4th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-05-31 00:19:02 (6 days ago)	(y4) Failed scan -byebye- from 104.207.48.113 (BR/Brazil/-): (CF_ENABLE)	Hacking
🇺🇸 lostswordfish.com	2026-05-30 10:06:04 (1 week ago)	Wordfence waf block on fypeducation	Web App Attack
🇲🇽 octageeks.com	2026-05-29 04:15:59 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
Anonymous	2026-04-28 11:51:53 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 nzhost.co.nz	2026-02-19 12:32:50 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇬🇧 openstrike.co.uk	2026-02-16 06:12:53 (3 months ago)	12 attacks on password grabbing URLs, VC URLs, env grabbing URLs: GET /.aws/credentials HTTP/1.1 GET ... show more 12 attacks on password grabbing URLs, VC URLs, env grabbing URLs: GET /.aws/credentials HTTP/1.1 GET /api/.git/config HTTP/1.1 GET /config/.env HTTP/1.1 show less	Hacking
🇳🇱 jjnxpct	2026-02-16 04:54:56 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /new/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:56 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇦🇺 nzhost.co.nz	2026-02-15 12:26:24 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇳🇱 Mangelot Hosting	2026-02-15 12:19:49 (3 months ago)	(modsecurity) srv101 ModSecurity 104.207.48.113 (BR/Brazil/-): 5 in the last 3600 secs; Ports: ; Di ... show more (modsecurity) srv101 ModSecurity 104.207.48.113 (BR/Brazil/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:13:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:13:34.823459 2026] [security2:error] [pid 13641:tid 13641] [client 104.207.48.113:37427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teguer.com"] [uri "/frontend/.env"] [unique_id "aZG4bj68Jc6ImqWvMG17GAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:44:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:44:36.884439 2026] [security2:error] [pid 21314:tid 21314] [client 104.207.48.113:15811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorhauer.com"] [uri "/wp/.git/config"] [unique_id "aZGxpC4RZQZ31hPdbb2ZJQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:33:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:33:22.909154 2026] [security2:error] [pid 23252:tid 23252] [client 104.207.48.113:26603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susanleeward.com"] [uri "/.env.staging"] [unique_id "aZFaopFhtGTZvFsj_NuicAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:01:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:01:02.920449 2026] [security2:error] [pid 22781:tid 22781] [client 104.207.48.113:43411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssl-grp.com"] [uri "/.env.staging"] [unique_id "aZE27pHx5D6TxCL39uBOUAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:32:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:32:18.241911 2026] [security2:error] [pid 303:tid 329] [client 104.207.48.113:41581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiritualchristian.com"] [uri "/admin/.git/config"] [unique_id "aZEwMuTjh-Dl8pGktnWuFgAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 35.203.210.229

🇻🇳 160.187.147.124

🇮🇪 54.195.191.219

🇫🇷 31.220.75.209

🇳🇱 176.65.139.66

🇨🇦 162.219.178.250

🇺🇸 162.216.150.24

🇫🇷 92.103.134.183

🇷🇺 80.78.245.233

🇷🇺 46.191.185.151

🇵🇰 205.164.134.176

🇺🇸 172.236.117.243

🇰🇷 121.66.37.108

🇮🇳 115.247.159.106

🇲🇲 37.111.53.110

🇺🇸 2a02:4780:b:1919:0:17c9:c011:1

🇨🇳 124.117.195.118

🇨🇳 117.40.113.224

🇨🇦 69.49.112.72

🇨🇳 60.172.168.136