JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.118

104.207.48.118 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.118

Whois 104.207.48.118

IP Abuse Reports for 104.207.48.118:

This IP address has been reported a total of 125 times from 15 distinct sources. 104.207.48.118 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-01 15:08:37 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 11:08:33.656123 2026] [security2:error] [pid 22090:tid 22090] [client 104.207.48.118:53717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.whipchecks.com.au"] [uri "/.env"] [unique_id "afTB8XlNM9dCdWKp-6B5igAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-10 18:29:44 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:52:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:52:41.053039 2026] [security2:error] [pid 2730689:tid 2730689] [client 104.207.48.118:19443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittensquid.com"] [uri "/frontend/.env"] [unique_id "aYqribma8K7sp6P7eZipNgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 ketovoila.pl	2026-02-10 00:52:06 (4 months ago)	ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/admin/.env; UA=Mozilla/5.0 ... show more ketovoila.pl HONEYPOT traffic: count=1, paths=1; sample_path=ketovoila.pl/admin/.env; UA=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36; window=2026-02-10T00:29:10Z..2026-02-10T00:29:10Z show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-02-09 23:53:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:53:12.242709 2026] [security2:error] [pid 3417:tid 3417] [client 104.207.48.118:12047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenirving.com"] [uri "/.env.save"] [unique_id "aYpzaLBS1JWp7Pqw8HJsxgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:21:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:21:13.808694 2026] [security2:error] [pid 11020:tid 11020] [client 104.207.48.118:34155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horsesaw.com"] [uri "/dev/.git/config"] [unique_id "aYpPySSBnki-9a5s1mficgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Axel	2026-02-09 20:49:29 (4 months ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /backend/.env	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:46:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:46:16.963308 2026] [security2:error] [pid 23258:tid 23297] [client 104.207.48.118:16121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honorac.com"] [uri "/admin/.git/config"] [unique_id "aYpHmPQWDMuJKw5btCryVgAAAYk"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-01-27 00:10:38 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇧🇪 cmbplf	2025-12-14 23:29:59 (5 months ago)	3.900 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 08:43:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:43:30.943942 2025] [security2:error] [pid 3656704:tid 3656704] [client 104.207.48.118:57055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.iypinc1.iyp-home.com"] [uri "/.env"] [unique_id "aSQaslJNOCFiRYlvxngnCgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:20:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:20:48.188753 2025] [security2:error] [pid 28435:tid 28435] [client 104.207.48.118:45651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banis-associates.com"] [uri "/.env"] [unique_id "aSQVYHoIJE0HVMWC_mFR-QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-16 10:42:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 05:42:24.849016 2025] [security2:error] [pid 28001:tid 28001] [client 104.207.48.118:23407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.okeetokee.org"] [uri "/.env"] [unique_id "aRmqkAflq6Dkq3J6Ki20XwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-09 12:47:11 (8 months ago)	...	Brute-Force SSH
Anonymous	2025-04-07 04:53:14 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 91.231.89.93

🇩🇪 213.209.159.56

🇺🇸 206.212.244.18

🇧🇷 200.53.16.24

🇺🇸 173.239.211.7

🇺🇸 162.216.149.170

🇨🇳 118.196.86.3

🇨🇳 39.104.63.170

🇮🇳 182.66.214.70

🇭🇰 118.193.43.158

🇮🇹 37.117.151.136

🇺🇸 34.106.85.174

🇺🇸 24.142.170.231

🇷🇴 2.57.121.25

🇵🇱 2001:41d0:601:1100::3b22

🇬🇹 190.56.126.22

🇫🇷 185.177.72.30

🇺🇸 165.22.8.7

🇺🇸 107.150.103.210

🇺🇸 104.245.243.198