JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.24

104.207.48.24 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.24

Whois 104.207.48.24

IP Abuse Reports for 104.207.48.24:

This IP address has been reported a total of 97 times from 22 distinct sources. 104.207.48.24 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-18 04:23:07 (1 day ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇨🇭 backslash	2026-05-23 05:03:06 (3 weeks ago)		Bad Web Bot
🇩🇪 F242	2026-01-30 05:32:43 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 myagent.site	2026-01-20 21:48:45 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-20 20:37:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 15:37:32.034079 2026] [security2:error] [pid 10893:tid 10965] [client 104.207.48.24:43923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "la.productions"] [uri "/.svn/wc.db"] [unique_id "aW_ni5jZt9A5gBNTJlY8FwAAAVI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 07:15:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 02:15:47.140968 2025] [security2:error] [pid 13474:tid 13474] [client 104.207.48.24:59679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clinegroupmarketplace.com"] [uri "/.env"] [unique_id "aTfMo8dN69G_GF49ElSltgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:08:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:08:26.873599 2025] [security2:error] [pid 2450:tid 2450] [client 104.207.48.24:55371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jacobunderwoodmusic.com"] [uri "/.svn/wc.db"] [unique_id "aTX62oQeYK67L3ajTrrzfQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:40:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:40:56.099207 2025] [security2:error] [pid 2391:tid 2396] [client 104.207.48.24:46907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wheezer.org"] [uri "/.git/HEAD"] [unique_id "aTWgCC5SF_vgEhUnXK-crAAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Little Iguana	2025-12-07 09:40:26 (6 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇺🇸 TPI-Abuse	2025-12-05 17:15:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:15:03.559815 2025] [security2:error] [pid 26136:tid 26136] [client 104.207.48.24:9595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customdesignsbybjp.com"] [uri "/.git/HEAD"] [unique_id "aTMTFzsOUxqrmysVvd8f_gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:18:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:18:43.646933 2025] [security2:error] [pid 7439:tid 7439] [client 104.207.48.24:30993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "forwardti.com"] [uri "/.git/HEAD"] [unique_id "aTKVY8nXbpbkUwXgmeb9IwAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:41:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:41:01.415650 2025] [security2:error] [pid 9750:tid 9750] [client 104.207.48.24:37089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "simia.com"] [uri "/.git/HEAD"] [unique_id "aTJwbfBrdn9lyMTJbHqGdwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 13:52:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 08:52:00.499125 2025] [security2:error] [pid 2905795:tid 2905810] [client 104.207.48.24:38437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amazinglips.com"] [uri "/wp-config.php"] [unique_id "aSmpABzqism4SC0Dm8kd2QAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Little Iguana	2025-11-28 07:40:21 (6 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
Anonymous	2025-11-25 19:20:19 (6 months ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 97 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.164

🇳🇬 165.154.11.64

🇮🇩 103.125.102.184

🇳🇱 91.92.40.237

🇧🇷 45.179.236.159

🇳🇱 45.148.10.147

🇧🇬 45.83.218.9

🇩🇪 43.228.157.203

🇸🇬 43.156.13.166

🇷🇴 2.57.121.112

🇪🇬 197.63.101.34

🇺🇸 172.90.128.97

🇺🇸 147.185.132.190

🇻🇳 123.28.106.231

🇯🇵 103.163.220.30

🇯🇵 103.163.220.13

🇧🇷 45.231.201.9

🇧🇷 43.164.192.38

🇳🇬 41.242.115.83

🇧🇪 35.195.148.171