JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.141

104.207.48.141 was found in our database!

This IP was reported 117 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.141

Whois 104.207.48.141

IP Abuse Reports for 104.207.48.141:

This IP address has been reported a total of 117 times from 13 distinct sources. 104.207.48.141 was first reported on June 22nd 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 12:06:08 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇮🇹 VHosting	2026-01-20 14:00:13 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:34:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:34:42.081810 2025] [security2:error] [pid 17530:tid 17530] [client 104.207.48.141:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.helpsavepets.org"] [uri "/.svn/wc.db"] [unique_id "aSQKkuL0VfhOSu2N9-_miQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:53:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:53:12.356504 2025] [security2:error] [pid 23550:tid 23550] [client 104.207.48.141:57239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dawgtech.com"] [uri "/.svn/wc.db"] [unique_id "aSPkuNaGYy_p5_4Dp3YzxgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:05:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:04:56.651085 2025] [security2:error] [pid 18325:tid 18336] [client 104.207.48.141:16779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.providencetheological.net"] [uri "/.env"] [unique_id "aSPZaLibCkDUtlE56PAX-AAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:48:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:48:49.531839 2025] [security2:error] [pid 25393:tid 25393] [client 104.207.48.141:30881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mark.rawlings.name"] [uri "/.env"] [unique_id "aSPVoaSzUaCJ3BEOuOZ_ngAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:23:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:22:52.625064 2025] [security2:error] [pid 24713:tid 24713] [client 104.207.48.141:38099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.robcruickshank.com"] [uri "/.svn/wc.db"] [unique_id "aSPPjJQ7ovgG1-6Ieg7HZQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 cloudmax	2025-10-27 05:54:29 (7 months ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
Anonymous	2025-04-07 12:26:54 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 04:16:15 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 22:09:31 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 23:55:46 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 17:32:52 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 ne1for23	2025-04-02 17:23:06 (1 year ago)	Attempt to access invalid virtual host name (###.###.###.###:80). Typically used to access "interna ... show more Attempt to access invalid virtual host name (###.###.###.###:80). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution. 104.207.48.141 - - [02/Apr/2025:17:23:06 +0000] "GET / HTTP/1.1" 403 153 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0" "-" show less	Hacking
Anonymous	2025-04-02 14:49:14 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.02 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.02 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 117 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.204.64.254

🇨🇳 116.208.60.100

🇨🇳 114.237.144.252

🇫🇷 88.123.17.124

🇨🇦 85.217.149.2

🇮🇩 43.243.142.42

🇯🇵 34.97.196.209

🇭🇰 34.92.103.58

🇺🇸 2607:f8b0:4001:c5f::127

🇪🇹 196.189.51.246

🇺🇸 170.85.12.248

🇵🇭 103.171.20.183

🇨🇦 85.217.149.40

🇷🇴 80.94.92.182

🇧🇬 79.124.62.230

🇦🇺 74.91.200.217

🇺🇸 45.79.163.171

🇧🇪 34.78.23.28

🇺🇸 17.246.15.254

🇻🇪 200.8.131.239