JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.238

104.207.48.238 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.238

Whois 104.207.48.238

IP Abuse Reports for 104.207.48.238:

This IP address has been reported a total of 133 times from 13 distinct sources. 104.207.48.238 was first reported on June 6th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-05-13 22:30:08 (3 weeks ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇫🇷 dynamix	2026-02-13 13:38:44 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:24:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:23:53.443275 2026] [security2:error] [pid 32630:tid 32763] [client 104.207.48.238:63393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "layoverlocations.com"] [uri "/.git/config"] [unique_id "aY8l6T1fK48W5T6p33OQ5AAAAkI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:51:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:51:41.529736 2026] [security2:error] [pid 10101:tid 10101] [client 104.207.48.238:18821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midnight-tech.com"] [uri "/admin/.env"] [unique_id "aY8eXayTZUsQhIfe0pt4lAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 09:05:45 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 07:16:51 (3 months ago)	Try to access /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:10:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:10:41.772422 2026] [security2:error] [pid 14982:tid 14982] [client 104.207.48.238:31439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcdesigner.com"] [uri "/new/.git/config"] [unique_id "aY7AYVUU66aCh8541fF1vAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mr-Money	2026-02-13 02:10:14 (3 months ago)	scenario: crowdsecurity/http-sensitive-files - events: 5	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:59:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:59:31.007303 2026] [security2:error] [pid 15591:tid 15591] [client 104.207.48.238:49141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "makaelamakes.org"] [uri "/app/.git/config"] [unique_id "aY6Fg2t3P07Gi2Wdn-V_8gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 18:05:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:05:12.506070 2026] [security2:error] [pid 22710:tid 22710] [client 104.207.48.238:12051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dreamscometruefilms.com"] [uri "/.env"] [unique_id "aY4WWPBH85ra6O_PqDrBawAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:10:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:10:10.025713 2026] [security2:error] [pid 1064808:tid 1064838] [client 104.207.48.238:33399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cynosurepressurewashing.com"] [uri "/.env"] [unique_id "aY4Jcoqe-LjNqKCvtKSjswAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 16:01:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:01:41.417231 2026] [security2:error] [pid 12781:tid 12781] [client 104.207.48.238:64349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/api/.git/config"] [unique_id "aYtWZSOMxPk2BblGf9xPFgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-01-24 11:25:10 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2025-10-11 07:27:26 (7 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 22:53:39 (7 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8c01:b001

🇳🇱 185.242.226.104

🇺🇸 162.216.150.104

🇵🇰 144.48.130.149

🇺🇸 132.147.156.227

🇫🇷 91.196.152.26

🇬🇧 35.203.211.59

🇬🇧 35.203.210.156

🇰🇷 211.104.166.110

🇨🇳 157.0.0.10

🇭🇰 152.32.192.176

🇩🇪 128.140.89.56

🇸🇬 104.28.156.111

🇮🇹 93.145.152.138

🇳🇱 91.92.42.34

🇷🇴 80.94.92.171

🇺🇸 64.62.156.196

🇸🇳 41.83.98.137

🇮🇳 20.193.141.133

🇩🇪 8.211.28.246