JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.46

104.207.48.46 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.46

Whois 104.207.48.46

IP Abuse Reports for 104.207.48.46:

This IP address has been reported a total of 128 times from 13 distinct sources. 104.207.48.46 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 04:38:56 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇪🇸 10dencehispahard SL	2026-01-26 07:36:53 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-16 20:18:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 15:18:23.563391 2026] [security2:error] [pid 2102:tid 2102] [client 104.207.48.46:37405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.techimprints.com"] [uri "/.env"] [unique_id "aWqdD7Wlf_WmbhFItczYjAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 19:45:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 14:45:21.255029 2026] [security2:error] [pid 23458:tid 23458] [client 104.207.48.46:51837] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "syndetec.com"] [uri "/.env"] [unique_id "aWqVUT8rnhieNi0b5W-LrgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:55:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:55:48.931898 2025] [security2:error] [pid 18022:tid 18022] [client 104.207.48.46:22175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hudswell.com"] [uri "/.env"] [unique_id "aSVE5Ai9lMkfhB1bGid4RwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:47:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:47:21.831299 2025] [security2:error] [pid 6694:tid 6694] [client 104.207.48.46:27379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.weddingmusicguitar.com"] [uri "/.git/HEAD"] [unique_id "aSUmyeXmNQ2sJPjH-ei6mAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:54:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:53:55.336590 2025] [security2:error] [pid 15101:tid 15106] [client 104.207.48.46:45183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nelsonyung.com"] [uri "/.svn/wc.db"] [unique_id "aSUaQ6NKS2jdjfTVKRdXKAAAAQM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:46:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:46:38.647511 2025] [security2:error] [pid 4764:tid 4764] [client 104.207.48.46:21629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.citygateinc.com"] [uri "/.svn/wc.db"] [unique_id "aSUKfmvVqP817n1Y8kZsvwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-06 15:40:09 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 18:03:56 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 David Ferneding	2025-04-04 16:33:49 (1 year ago)	Blocked by UFW (TCP on 80) Source port: 18127 TTL: 56 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 18127 TTL: 56 Packet length: 60 TOS: 0x00 This report (for 104.207.48.46) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2025-04-04 09:13:48 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 22:52:35 (1 year ago)	Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 nowyouknow	2025-04-01 15:36:29 (1 year ago)	(From [email protected]) Hey Drgavingrant, What’s the first thing you do before buying from ... show more (From [email protected]) Hey Drgavingrant, What’s the first thing you do before buying from a new brand? Most customers Google it first. They want to see if it's legit. That’s why brands that display “As Seen On” logos from major media get higher conversions than those that don’t. Take Timeless Watches, for example. After getting featured in press releases picked up by Yahoo, MarketWatch, and Business Insider, they: ✅ Doubled their conversions ✅ Increased their average order value by 19% ✅ Built trust instantly with new customers The secret? They used EIN Presswire to get featured. If you’re not leveraging press releases to boost your credibility and conversions, you’re leaving money on the table. Boost Your Brand’s Authority Today https://marketersmentor.com/boost-brand-authority.php?refer=drgavingrant.com&real=yes To your success, Ariel Unsubscribe: https://marketersmentor.com/unsubscribe.php?d=drgavingrant.com&real=yes show less	Phishing Web Spam
Anonymous	2025-04-01 15:14:13 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.01 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.01 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bf4:8001

🇺🇸 2600:1f18:3120:f504:8a59:86bb:d402:5b01

🇬🇧 185.216.145.169

🇻🇳 180.93.138.150

🇮🇳 148.113.44.101

🇨🇳 116.179.32.223

🇮🇹 79.3.96.178

🇸🇬 74.114.31.152

🇺🇸 35.188.112.111

🇺🇸 2607:f8b0:4004:c06::12d

🇧🇷 188.208.108.180

🇲🇾 175.144.238.198

🇨🇳 114.229.21.138

🇳🇵 110.34.30.120

🇺🇸 107.150.101.57

🇫🇷 91.231.89.73

🇵🇱 87.251.64.176

🇺🇸 66.132.172.224

🇬🇧 31.14.254.59

🇧🇪 23.251.137.66