JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.151

104.207.48.151 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.151

Whois 104.207.48.151

IP Abuse Reports for 104.207.48.151:

This IP address has been reported a total of 129 times from 15 distinct sources. 104.207.48.151 was first reported on June 4th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 10:00:18 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 oncord	2026-02-15 14:10:31 (3 months ago)	Form spam	Web Spam
🇬🇧 oncord	2026-02-14 13:58:33 (3 months ago)	Form spam	Web Spam
🇪🇸 10dencehispahard SL	2026-02-11 06:38:11 (3 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 oncord	2026-02-06 23:42:59 (4 months ago)	Form spam	Web Spam
Anonymous	2026-02-05 00:18:51 (4 months ago)	SPROVFR WEBFORM SPAM 104.207.48.151 (104.207.48.151)	Web Spam
🇺🇸 oncord	2026-02-04 02:45:27 (4 months ago)	Form spam	Web Spam
🇲🇹 Malta	2026-01-30 03:36:24 (4 months ago)	104.207.48.151 - - [30/Jan/2026:04:36:24 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.48.151 - - [30/Jan/2026:04:36:24 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	VPN IP Hacking Web App Attack
Anonymous	2025-11-24 17:44:55 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-24 09:24:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:24:11.595701 2025] [security2:error] [pid 11056:tid 11056] [client 104.207.48.151:42931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thewritekellys.com"] [uri "/.env"] [unique_id "aSQkOz5EzHlAHUGWmuZ0dQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:36:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:35:55.453071 2025] [security2:error] [pid 11327:tid 11327] [client 104.207.48.151:60365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.mskimberleesspace.com"] [uri "/.svn/wc.db"] [unique_id "aSP8y6bkdwwiq5dOxPaNzgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:51:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:51:30.359782 2025] [security2:error] [pid 13546:tid 13546] [client 104.207.48.151:60261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.blueskyfederal.com"] [uri "/.svn/wc.db"] [unique_id "aSPkUj_rBR2nnilBLB3_ZQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:21:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:20:57.562774 2025] [security2:error] [pid 29672:tid 29672] [client 104.207.48.151:31387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.iclog.us"] [uri "/.env"] [unique_id "aSPdKRj8R-sQxVeAlLO6SwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-10-27 04:10:26 (7 months ago)	Wordpress malicious attack:[sshd]	Web App Attack
Anonymous	2025-04-07 00:28:00 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 165.22.94.182

🇸🇬 129.226.95.93

🇺🇸 107.174.137.235

🇳🇱 45.148.10.183

🇬🇧 35.203.211.250

🇺🇸 2602:fb54:1a00::1ab

🇺🇸 154.92.22.13

🇰🇷 112.151.178.49

🇩🇪 95.90.13.168

🇺🇸 47.251.44.36

🇪🇸 46.6.124.216

🇧🇷 45.4.179.3

🇨🇳 39.96.175.154

🇮🇳 182.95.185.142

🇧🇷 179.125.149.37

🇺🇸 162.158.89.212

🇮🇩 103.147.159.91

🇻🇳 103.24.245.97

🇧🇬 91.191.209.198

🇮🇳 72.60.200.27