JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.153

104.207.48.153 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.153

Whois 104.207.48.153

IP Abuse Reports for 104.207.48.153:

This IP address has been reported a total of 143 times from 21 distinct sources. 104.207.48.153 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-02-14 04:53:06 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /api/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /api/.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:59:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:58:59.544551 2026] [security2:error] [pid 31176:tid 31176] [client 104.207.48.153:13553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lamineparke.com"] [uri "/.env"] [unique_id "aY7n09InWh3yjcdB1CZ2XgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:50:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:50:54.942629 2026] [security2:error] [pid 10047:tid 10047] [client 104.207.48.153:41785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kompareiq.com"] [uri "/.env.save"] [unique_id "aY67vnXgsN5sTAfEAmpDpwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 05:02:18 (3 months ago)	Try to access /app/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:57:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:57:19.037129 2026] [security2:error] [pid 1774691:tid 1774713] [client 104.207.48.153:29189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettleofgold.com"] [uri "/dev/.git/config"] [unique_id "aY6TD3VNotX2_xvF9oGVwwAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:31:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:31:20.799254 2026] [security2:error] [pid 19340:tid 19340] [client 104.207.48.153:36223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelting.net"] [uri "/backup/.git/config"] [unique_id "aY6M-IEh0ToSmx5DzkmoQAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 23:29:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 18:29:16.367101 2026] [security2:error] [pid 25564:tid 25564] [client 104.207.48.153:9527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeservices.com"] [uri "/.git/config"] [unique_id "aY5iTO9eVarNBHNNZH_pZAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 18:28:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 13:28:29.002577 2026] [security2:error] [pid 8728:tid 8728] [client 104.207.48.153:57891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "britishfolk.org"] [uri "/backend/.env"] [unique_id "aYzKTYUt3_2ZxXLro8nGcQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 geot	2026-02-11 13:40:28 (3 months ago)	GET /backend/.env HTTP/1.1	Hacking Web App Attack
🇮🇹 NonOggiCaroMio	2026-02-11 07:10:58 (3 months ago)	Arruso ca si: crowdsecurity/http-sensitive-files	Brute-Force
🇩🇪 Hugopvigo	2026-02-10 18:30:22 (3 months ago)	104.207.48.153 - - [10/Feb/2026:19:30:20 +0100] "GET /admin/.git/config HTTP/1.1" 404 1007720 "-" "M ... show more 104.207.48.153 - - [10/Feb/2026:19:30:20 +0100] "GET /admin/.git/config HTTP/1.1" 404 1007720 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Hacking Brute-Force Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 06:24:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:24:19.182512 2026] [security2:error] [pid 12446:tid 12446] [client 104.207.48.153:19443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ggisoft.com"] [uri "/wp/.git/config"] [unique_id "aYrPEzdPIxi1QhvTqaWRcgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:25:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:25:47.823489 2026] [security2:error] [pid 16754:tid 16754] [client 104.207.48.153:56509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "getagriponlife.net"] [uri "/api/.env"] [unique_id "aYqzS8nyO1HJwB4v7QxpewAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:55:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:54:54.914620 2026] [security2:error] [pid 32445:tid 32445] [client 104.207.48.153:50261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "generationedm.com"] [uri "/new/.git/config"] [unique_id "aYqP7tBRhkdmmaPwBVZk3AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (3 months ago)	Probing for Exploits	Exploited Host Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.242.168.235

🇺🇸 147.185.132.238

🇺🇸 132.145.213.106

🇯🇵 126.1.22.35

🇺🇸 72.14.147.203

🇸🇬 43.163.107.154

🇮🇶 169.224.94.74

🇫🇷 62.84.183.157

🇺🇦 46.201.247.21

🇹🇷 45.158.14.124

🇨🇳 14.103.25.86

🇺🇸 172.177.0.172

🇸🇪 77.53.193.47

🇬🇧 35.203.211.223

🇷🇺 31.173.0.26

🇺🇸 23.95.191.250

🇻🇳 14.240.228.99

🇨🇳 222.190.110.210

🇨🇳 115.190.45.48

🇨🇳 112.11.6.136