JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.44

104.207.48.44 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.44

Whois 104.207.48.44

IP Abuse Reports for 104.207.48.44:

This IP address has been reported a total of 139 times from 19 distinct sources. 104.207.48.44 was first reported on June 5th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Interceptor_HQ	2025-12-30 06:04:19 (5 months ago)	request_uri: /.env -- automatic report --	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 04:47:15 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:47:10.039799 2025] [security2:error] [pid 25444:tid 25444] [client 104.207.48.44:21929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "themotelwest.com"] [uri "/.svn/wc.db"] [unique_id "aVIHziYxH20MhgxxlbeBgQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:23:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:23:32.273013 2025] [security2:error] [pid 7085:tid 7085] [client 104.207.48.44:20657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christianbroadcastingleague.com"] [uri "/.git/HEAD"] [unique_id "aVICRIXmauI4hgNE3-IXpQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-16 03:38:48 (5 months ago)	2025-12-16T05:38:47.740618+02:00 zanati wp(www.sahpa.co.za)[1160031]: Blocked authentication attempt ... show more 2025-12-16T05:38:47.740618+02:00 zanati wp(www.sahpa.co.za)[1160031]: Blocked authentication attempt for [email protected] from 104.207.48.44 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:57:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:57:16.172502 2025] [security2:error] [pid 20817:tid 20817] [client 104.207.48.44:59815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boat-registration-greece.com"] [uri "/.env"] [unique_id "aTfyfEltdFOtNzj7TyQ-VQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-08 15:18:16 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-07 23:17:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:17:03.905826 2025] [security2:error] [pid 5991:tid 5991] [client 104.207.48.44:59407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scadainthecloud.com"] [uri "/.env"] [unique_id "aTYK72frKfWaolWTUpZx3gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:57:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:57:40.326976 2025] [security2:error] [pid 26933:tid 26933] [client 104.207.48.44:30165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clarktec.com"] [uri "/.svn/wc.db"] [unique_id "aTJ0VHvXxSFs_VX9Un0OUQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:40:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:40:27.363698 2025] [security2:error] [pid 10768:tid 10768] [client 104.207.48.44:13103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollistercomputer.com"] [uri "/.env"] [unique_id "aTIp-6dOGu11PqB3e9n6FgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-11-28 05:10:16 (6 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
Anonymous	2025-11-25 08:00:30 (6 months ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇺🇸 jcbriar	2025-11-24 11:23:50 (6 months ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:25:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:25:04.111445 2025] [security2:error] [pid 25105:tid 25133] [client 104.207.48.44:9123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barkdullit.com"] [uri "/.env"] [unique_id "aSQWYMn5O4wpUvSPLAuZnQAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:33:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:33:34.857244 2025] [security2:error] [pid 30310:tid 30310] [client 104.207.48.44:59843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.siteworkestimating.prospecinspections.com"] [uri "/.git/HEAD"] [unique_id "aSPgHiX7gbjNrX0h6BnHlwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-17 22:42:07 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.48.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 17:42:01.622613 2025] [security2:error] [pid 11285:tid 11345] [client 104.207.48.44:49833] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.store.emehache.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.store.emehache.com"] [uri "/s3cmd.ini"] [unique_id "aRukuWRAq-Yuzipe0HJ8wAAAAgM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.142.107.47

🇰🇷 211.223.107.86

🇺🇸 165.154.172.88

🇺🇸 136.114.113.138

🇬🇧 90.251.140.181

🇲🇦 81.192.46.45

🇩🇪 34.185.227.51

🇺🇸 34.55.172.12

🇺🇸 34.21.94.60

🇷🇴 2.57.122.177

🇧🇷 187.73.25.175

🇩🇪 130.12.182.140

🇨🇳 49.87.119.58

🇸🇬 38.60.198.25

🇨🇦 35.234.245.35

🇮🇳 34.180.50.221

🇺🇸 34.139.134.139

🇺🇸 34.86.221.220

🇺🇸 24.97.253.246

🇺🇸 8.231.36.39