JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.125

104.207.48.125 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.125

Whois 104.207.48.125

IP Abuse Reports for 104.207.48.125:

This IP address has been reported a total of 142 times from 22 distinct sources. 104.207.48.125 was first reported on June 18th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-03 07:45:20 (1 week ago)	Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signatur ... show more Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signature Blocked: /wishlist/index/add/product/1412/form_key/2grCgm0Ho9eXnODs/ \| UA: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gec... show less	Hacking Bad Web Bot Web App Attack
🇨🇭 4server	2026-05-13 01:30:40 (1 month ago)	[WedMay1303:30:35.3946522026][security2:error][pid259945:tid260061][client104.207.48.125:0]ModSecuri ... show more [WedMay1303:30:35.3946522026][security2:error][pid259945:tid260061][client104.207.48.125:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".svn\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"rd-gaming.net\"][uri\"/.svn/wc.db\"][unique_id\"agPUO8WAF-4hnheizCMkGAAAAQM\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:13:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:13:28.506803 2026] [security2:error] [pid 28909:tid 28909] [client 104.207.48.125:39059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikeziegler.com"] [uri "/.env.save"] [unique_id "aY8jeBNntiXzyfGnK2iyvAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:47:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:47:44.820026 2026] [security2:error] [pid 23173:tid 23173] [client 104.207.48.125:35557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midaslachine.com"] [uri "/backup/.git/config"] [unique_id "aY8dcNJWjZPIuE3OjM8U4wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:53:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:53:40.974932 2026] [security2:error] [pid 18355:tid 18355] [client 104.207.48.125:12415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meliaethelwoodard.com"] [uri "/app/.env"] [unique_id "aY7YhE9uLLnbXguMiOBsUwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 06:24:47 (4 months ago)	Blocking for trying to access an exploit file: /test/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-13 06:12:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:12:02.451475 2026] [security2:error] [pid 9271:tid 9271] [client 104.207.48.125:59723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcginleyclan.com"] [uri "/.env.local"] [unique_id "aY7Ass8XdkkSeyXc_jUX7gAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:25:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:25:10.349734 2026] [security2:error] [pid 1363166:tid 1363166] [client 104.207.48.125:61405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mattsound.com"] [uri "/.env.local"] [unique_id "aY61tpxCZbQWZwxaj3lNiAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:42:19 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.48.125 (BR/Brazil/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.48.125 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:23:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:23:43.372001 2026] [security2:error] [pid 12610:tid 12610] [client 104.207.48.125:35303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mardensmith.com"] [uri "/v2/.git/config"] [unique_id "aY6ZP4bt8hhfhv3z_aVAzQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:35:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:34:59.977888 2026] [security2:error] [pid 1610:tid 1610] [client 104.207.48.125:17267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mahtani.org"] [uri "/.env"] [unique_id "aY5_w9dr4RkjBk_9YmpyLAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 00:56:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 19:56:36.420926 2026] [security2:error] [pid 23130:tid 23130] [client 104.207.48.125:55181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madbanana.com"] [uri "/new/.git/config"] [unique_id "aY52xD8k42Yy9wEQnsLB6AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:47:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:47:28.133025 2026] [security2:error] [pid 1064810:tid 1064887] [client 104.207.48.125:14409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dejacats.com"] [uri "/.git/config"] [unique_id "aY32EJmBkH5dhoNqV1jYEwAAAhI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-12 15:44:34 (4 months ago)	Try to access /.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 03:57:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 22:56:57.689615 2026] [security2:error] [pid 30812:tid 30812] [client 104.207.48.125:56839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gayarab.com"] [uri "/api/.env"] [unique_id "aY1Pid8sJUfZS-JaGk5blAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.235

🇳🇱 185.242.226.67

🇩🇪 51.195.50.33

🇨🇳 218.9.233.232

🇸🇪 155.4.244.169

🇺🇸 146.88.241.177

🇨🇿 82.118.30.94

🇨🇿 82.118.30.81

🇨🇿 82.118.30.75

🇨🇿 82.118.30.67

🇨🇿 82.118.30.59

🇨🇿 82.118.30.58

🇬🇧 62.56.246.76

🇦🇹 45.137.172.116

🇵🇱 31.133.1.80

🇨🇳 222.189.98.116

🇸🇬 192.161.168.38

🇮🇩 182.13.96.107

🇹🇭 171.100.121.127

🇨🇦 82.41.69.162