JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.122

104.207.48.122 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.122

Whois 104.207.48.122

IP Abuse Reports for 104.207.48.122:

This IP address has been reported a total of 153 times from 21 distinct sources. 104.207.48.122 was first reported on June 19th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-05-21 15:05:57 (2 weeks ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇫🇷 masterguru	2026-03-31 12:13:23 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.48.122 (BR/Brazil/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.48.122 (BR/Brazil/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-02-09 21:41:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:40:49.502296 2026] [security2:error] [pid 2030:tid 2030] [client 104.207.48.122:13581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garrisonfinancial.net"] [uri "/admin/.git/config"] [unique_id "aYpUYQUsagL52he2dyScYQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 18:28:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 13:28:45.210112 2026] [security2:error] [pid 32587:tid 32587] [client 104.207.48.122:53423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futureproductionsonline.com"] [uri "/wp/.git/config"] [unique_id "aYonXaD_QvSkEu6EPs796QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:35:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:35:07.975972 2026] [security2:error] [pid 25513:tid 25513] [client 104.207.48.122:34659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingangelinvestors.com"] [uri "/backend/.env"] [unique_id "aYoay6dKZKmuRFW-LRLIgQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 02:11:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 21:11:04.320758 2026] [security2:error] [pid 26342:tid 26342] [client 104.207.48.122:53845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftwwx.com"] [uri "/new/.git/config"] [unique_id "aYlCOPHoKbnUFZ7C_6-D8AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 pixelboost.kr	2026-02-03 23:43:26 (4 months ago)	104.207.48.122 - - [04/Feb/2026:08:43:25 +0900] "GET http://peach-pit.sandiego-tickets.com/new/.git/ ... show more 104.207.48.122 - - [04/Feb/2026:08:43:25 +0900] "GET http://peach-pit.sandiego-tickets.com/new/.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-09 19:58:24 (4 months ago)	WP Login Scan Activities	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:59:11 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 BPS-StatisticsIndonesia	2025-12-26 15:32:23 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-23 18:09:48 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-16 11:13:04 (5 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-12-07 15:44:10 (6 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 12/7/2025 3:44 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-28 07:45:47 (6 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:54:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:54:24.870491 2025] [security2:error] [pid 14904:tid 14904] [client 104.207.48.122:41467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.veneye.com"] [uri "/.git/HEAD"] [unique_id "aSayMPnMmNaS9Ue3HsZKogAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.33

🇧🇷 205.210.31.182

🇳🇱 185.224.128.16

🇭🇰 172.93.188.91

🇳🇱 168.235.125.60

🇳🇱 93.123.109.127

🇨🇦 85.217.149.54

🇩🇪 47.245.142.46

🇳🇱 45.148.10.152

🇳🇱 45.148.10.147

🇫🇮 34.88.100.169

🇺🇸 207.90.244.14

🇭🇰 199.45.155.84

🇬🇧 188.240.59.15

🇷🇺 178.255.255.21

🇧🇷 177.104.21.44

🇭🇰 154.19.84.147

🇺🇸 152.32.183.236

🇨🇳 150.255.55.100

🇩🇪 144.31.167.110