JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.234

104.207.48.234 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.234

Whois 104.207.48.234

IP Abuse Reports for 104.207.48.234:

This IP address has been reported a total of 131 times from 15 distinct sources. 104.207.48.234 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:03:06 (2 weeks ago)		Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 19:07:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:07:02.305059 2025] [security2:error] [pid 510716:tid 510716] [client 104.207.48.234:47171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aholsniffsglue.com"] [uri "/.git/HEAD"] [unique_id "aSihVq1mf-u1VgDI7X86rgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 22:20:02 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:22:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:22:43.203779 2025] [security2:error] [pid 18194:tid 18285] [client 104.207.48.234:30715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.oplconnect.com"] [uri "/.svn/wc.db"] [unique_id "aSPro-9urIyQu8V3f-3l-gAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:43:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:43:04.463319 2025] [security2:error] [pid 21051:tid 21051] [client 104.207.48.234:10107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.customprintedweddingnapkins.com"] [uri "/.env"] [unique_id "aSPiWIFHDLM9WYmBx85e-AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 WeCloudit-Anti-Abuse	2025-11-06 13:40:11 (7 months ago)	WAF: Found blacklisted crawler 2- wsit	Email Spam Brute-Force
🇧🇪 cmbplf	2025-10-29 12:50:10 (7 months ago)	808 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇨🇿 lp	2025-10-19 09:20:41 (7 months ago)	SSH Brute force: 1 attempts were recorded from 104.207.48.234 2025-10-19T11:08:52+02:00 Invalid user ... show more SSH Brute force: 1 attempts were recorded from 104.207.48.234 2025-10-19T11:08:52+02:00 Invalid user admin from 104.207.48.234 port 41589 show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-10-14 12:02:19 (7 months ago)	(mod_security) mod_security (id:210831) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 104.207.48.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 14 08:02:08.991138 2025] [security2:error] [pid 8240:tid 8240] [client 104.207.48.234:39175] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/webalizer/"] [unique_id "aO47wKDsUNOUCsHZOqTumgAAABU"], referer: http://backstore.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-11 03:07:36 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 12:54:56 (7 months ago)	Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 18:10:29 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.09 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-08 20:04:28 (7 months ago)	Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.08 is noted in report t ... show more Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.08 is noted in report timestamp show less	Hacking Brute-Force
🇦🇺 MAGIC	2025-04-07 14:05:51 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-04-07 10:46:32 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 91.148.190.150

🇹🇼 198.235.24.45

🇺🇸 172.208.24.40

🇺🇸 162.216.149.119

🇨🇳 113.110.218.146

🇨🇳 58.212.237.214

🇳🇬 102.88.137.80

🇫🇷 91.196.152.205

🇺🇸 69.164.221.27

🇫🇷 51.91.177.35

🇫🇷 51.68.111.244

🇳🇱 45.148.10.141

🇺🇸 192.155.84.194

🇧🇷 187.16.96.250

🇺🇸 147.185.132.19

🇨🇳 106.117.109.207

🇺🇸 45.79.8.221

🇺🇸 20.65.193.79

🇵🇹 212.55.149.117

🇨🇳 210.13.84.84