JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.187

104.207.48.187 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.187

Whois 104.207.48.187

IP Abuse Reports for 104.207.48.187:

This IP address has been reported a total of 135 times from 18 distinct sources. 104.207.48.187 was first reported on June 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-06-03 13:25:54 (2 weeks ago)	Web App Attack	Web App Attack
🇲🇽 octageeks.com	2026-06-03 04:08:24 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
Anonymous	2026-05-31 05:02:35 (3 weeks ago)	[server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log ... show more [server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-05-30 10:06:04 (3 weeks ago)	Wordfence waf block on fypeducation	Web App Attack
🇳🇱 ParaBug	2026-05-30 01:00:44 (3 weeks ago)	104.207.48.187 - - [30/May/2026:03:00:44 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.env HTT ... show more 104.207.48.187 - - [30/May/2026:03:00:44 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.env HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 koinkash.org	2026-05-28 03:40:27 (3 weeks ago)	They are fraudulent. Malicious threat actor requesting php file /wp-login.php	Web App Attack
Anonymous	2026-05-26 21:53:40 (3 weeks ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇬🇧 PeravixGroup	2026-05-06 17:49:42 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-12-31 01:00:56 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:55:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:55:12.599877 2025] [security2:error] [pid 2409:tid 2409] [client 104.207.48.187:25685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ozkanturker.com"] [uri "/.git/HEAD"] [unique_id "aSbqoFKgL_MAV6tQEFZHqwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:19:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:18:58.052997 2025] [security2:error] [pid 16824:tid 16870] [client 104.207.48.187:12699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.robertbellamy.com"] [uri "/.svn/wc.db"] [unique_id "aSbiIs97VZ-sS76jFmyDQQAAAE0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:46:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:46:20.032189 2025] [security2:error] [pid 32638:tid 32638] [client 104.207.48.187:54631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.gemexpressions.com"] [uri "/.git/HEAD"] [unique_id "aSa-XOuH4tjcyfQNYGf1pQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:00:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:00:41.561113 2025] [security2:error] [pid 25914:tid 25914] [client 104.207.48.187:43241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.arthouse-creative.com"] [uri "/.git/HEAD"] [unique_id "aSZtWe4gC8kCaq4fHiujlgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:02:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:02:09.219676 2025] [security2:error] [pid 11101:tid 11101] [client 104.207.48.187:54503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.title25.itaxcenter.com"] [uri "/.env"] [unique_id "aSZRkcnV_pyiX4o7zDpKdQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:57:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:57:52.126221 2025] [security2:error] [pid 7326:tid 7326] [client 104.207.48.187:24143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fractalsky.com"] [uri "/.env"] [unique_id "aSU3UHSmvySl5Lg_dyBr8wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 213.233.104.140

🇭🇰 199.45.154.120

🇳🇱 195.62.32.180

🇳🇱 91.92.40.45

🇨🇦 85.217.149.47

🇧🇷 45.175.123.254

🇷🇺 45.81.33.205

🇯🇵 14.137.237.192

🇨🇳 123.187.121.5

🇸🇬 103.189.234.96

🇧🇾 81.30.98.142

🇭🇰 43.154.195.142

🇳🇬 41.184.55.66

🇧🇪 34.34.175.72

🇺🇸 2400:cb00:1177:1000:6809:3af9:1621:7293

🇧🇬 193.24.211.107

🇪🇸 158.158.47.67

🇨🇳 116.25.92.237

🇧🇬 79.124.60.146

🇺🇸 47.251.86.217