JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.34

104.207.48.34 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.34

Whois 104.207.48.34

IP Abuse Reports for 104.207.48.34:

This IP address has been reported a total of 127 times from 10 distinct sources. 104.207.48.34 was first reported on June 4th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 18:26:36 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 14:26:29.599192 2026] [security2:error] [pid 19627:tid 19627] [client 104.207.48.34:12355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lazymanvegan.com"] [uri "/.git/HEAD"] [unique_id "aiHDVXnJZnhEGEcVQrz7YwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:36:47 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-16 18:37:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 13:36:56.269811 2026] [security2:error] [pid 28332:tid 28332] [client 104.207.48.34:38081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pasadenahairextensions.com"] [uri "/.env"] [unique_id "aWqFSEQL06u-MS4-MSxMrQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:20:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:20:23.287896 2025] [security2:error] [pid 13041:tid 13041] [client 104.207.48.34:60521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cbrtestsite.com"] [uri "/.git/HEAD"] [unique_id "aSbid5ibW3Nidyd_22TLCwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:40:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:40:18.735701 2025] [security2:error] [pid 3738123:tid 3738185] [client 104.207.48.34:51935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.callaplusfirst.com"] [uri "/.env"] [unique_id "aSbLAudeQgRNnjCL8RQeVwAAAZc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:42:48 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:42:45.328618 2025] [security2:error] [pid 22726:tid 22726] [client 104.207.48.34:50433] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.jresm.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.jresm.com"] [uri "/.svn/wc.db"] [unique_id "aSahZae-JqwlA0RVanNXVgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:59:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:59:14.580630 2025] [security2:error] [pid 4426:tid 4426] [client 104.207.48.34:45161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wmodradio.com"] [uri "/.svn/wc.db"] [unique_id "aSaXMpDwpwvuihetTmAL_QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:27:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:27:03.274090 2025] [security2:error] [pid 28230:tid 28230] [client 104.207.48.34:57979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pleaseaddbacon.com"] [uri "/.git/HEAD"] [unique_id "aSZXZ86d8Xb72QA-HS28owAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 21:35:47 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:29:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:29:15.350629 2025] [security2:error] [pid 23075:tid 23075] [client 104.207.48.34:46907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kerrywood.com"] [uri "/.svn/wc.db"] [unique_id "aSQlaxmAcApbYs0_SmOT9gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 07:06:05 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-08 00:50:40 (6 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-28 22:01:37 (7 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-11 06:21:36 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.11 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 20:18:32 (7 months ago)	Attempted brute force login to web vpn 162 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 162 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.50.226.182

🇨🇳 180.113.65.133

🇳🇱 176.65.148.147

🇺🇸 154.83.197.108

🇺🇸 146.190.215.195

🇭🇰 146.70.79.47

🇺🇸 142.251.15.95

🇳🇱 45.148.10.240

🇺🇸 216.25.89.119

🇩🇪 195.254.165.23

🇧🇷 177.104.171.149

🇭🇰 144.48.243.18

🇵🇰 144.48.121.126

🇨🇦 104.158.48.89

🇱🇹 81.30.98.144

🇿🇦 41.78.245.41

🇳🇱 31.42.176.142

🇺🇸 172.253.210.85

🇺🇸 172.234.237.248

🇧🇷 170.247.241.197