JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.190

104.207.48.190 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.190

Whois 104.207.48.190

IP Abuse Reports for 104.207.48.190:

This IP address has been reported a total of 127 times from 15 distinct sources. 104.207.48.190 was first reported on June 8th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-01-30 06:16:34 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
Anonymous	2026-01-22 18:30:03 (4 months ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Hacking SQL Injection Web App Attack
🇵🇱 nfsec.pl	2026-01-22 03:20:42 (4 months ago)	104.207.48.190 - - [22/Jan/2026:03:20:34 +0000] "GET /index.php?option=com_search%27%29%20AND%20%28S ... show more 104.207.48.190 - - [22/Jan/2026:03:20:34 +0000] "GET /index.php?option=com_search%27%29%20AND%20%28SELECT%20%27GcBc%27%20FROM%20INFORMATION_SCHEMA.IO_STATISTICS%29%3D%27GcBc%27%20AND%20%28%27JAFP%27%3D%27JAFP&searchword=%20atak&searchphrase=exact&ordering=newest HTTP/1.1" 403 5842 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 104.207.48.190 - - [22/Jan/2026:03:20:36 +0000] "GET /index.php?option=com_search%27%29%20AND%20%28SELECT%20%27GcBc%27%20FROM%20INFORMATION_SCHEMA.IO_STATISTICS%29%3D%27qVNP%27%20AND%20%28%27fDXx%27%3D%27fDXx&searchword=%20atak&searchphrase=exact&ordering=newest HTTP/1.1" 403 5842 "-" "Mozilla/5.0 (X11; CrOS x86_64 14816.131.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 104.207.48.190 - - [22/Jan/2026:03:20:38 +0000] "GET /index.php?option=com_search%27%29%20AND%20%28SELECT%20STRINGTOUTF8%28NULL%29%29%20IS%20NULL%20AND%20%28%27rclG%27%3D%27rclG&searchword=%20atak&s ... show less	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 12:35:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:07.562853 2026] [security2:error] [pid 3555411:tid 3555462] [client 104.207.48.190:32965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonysergio.com"] [uri "/.svn/wc.db"] [unique_id "aWY7-8DTJSHkNbhpvW4q7AAAAUQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-13 11:55:19 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-12 15:07:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 10:07:47.550661 2026] [security2:error] [pid 1656:tid 1656] [client 104.207.48.190:55343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1st-advantage-arkansas-real-estate-school.com"] [uri "/.git/HEAD"] [unique_id "aWUOQ2QEoMcBzC_sY0tPfgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-02 18:39:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 13:39:17.370911 2026] [security2:error] [pid 3137:tid 3137] [client 104.207.48.190:55827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.skintormint.com"] [uri "/.git/HEAD"] [unique_id "aVgQ1c77vX6Qef47TnvywwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇷 IgorS.zg.hr	2025-12-30 11:33:06 (5 months ago)	Web application attack detected by fail2ban	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:41:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:41:12.763379 2025] [security2:error] [pid 24032:tid 24032] [client 104.207.48.190:39187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "olgapottery.com"] [uri "/.git/HEAD"] [unique_id "aVIUeAkiR1IeKyUenXE3ogAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:36:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:36:04.612801 2025] [security2:error] [pid 644382:tid 644382] [client 104.207.48.190:26267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fiasdesigns.com"] [uri "/.env"] [unique_id "aSjERORaBhoasE9SiRzzWQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 19:13:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:13:19.087135 2025] [security2:error] [pid 24999:tid 24999] [client 104.207.48.190:18853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alsetsystems.com"] [uri "/.git/HEAD"] [unique_id "aSiizwx3tjq_3GRflQQragAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:28:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:31.581728 2025] [security2:error] [pid 9779:tid 9779] [client 104.207.48.190:16059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.schmeagle.com"] [uri "/.env"] [unique_id "aSVMj0y79tbZmT9JpqmOCQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:03:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:03:03.317685 2025] [security2:error] [pid 1965:tid 1965] [client 104.207.48.190:36163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.champions-in-arms.com"] [uri "/.env"] [unique_id "aSVGl-qHkmGUqsRTTM8cnwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:19:03.442748 2025] [security2:error] [pid 31622:tid 31622] [client 104.207.48.190:37561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dhsgrad.net"] [uri "/.env"] [unique_id "aSU8R_d1xxWnEcuRCae1hAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:55:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:55:03.026014 2025] [security2:error] [pid 1647140:tid 1647194] [client 104.207.48.190:24651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.georgementz.org"] [uri "/.git/HEAD"] [unique_id "aSUMd8WdNO_bFaD03ZYUawAAANA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.30.36.120

🇬🇧 185.166.42.96

🇨🇴 181.51.189.171

🇺🇸 157.230.133.142

🇬🇧 141.136.34.72

🇮🇹 94.176.212.122

🇩🇪 212.30.36.145

🇬🇧 185.216.145.176

🇨🇳 120.195.50.149

🇷🇺 93.77.187.140

🇸🇬 47.128.122.10

🇱🇹 45.227.254.170

🇺🇸 18.189.74.1

🇩🇪 212.30.36.148

🇹🇭 202.29.236.76

🇪🇹 196.189.184.20

🇬🇧 193.32.209.254

🇪🇨 193.30.14.163

🇭🇰 165.154.6.75

🇦🇺 150.228.151.150