JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.48.71

104.207.48.71 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.48.71

Whois 104.207.48.71

IP Abuse Reports for 104.207.48.71:

This IP address has been reported a total of 153 times from 20 distinct sources. 104.207.48.71 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-02-16 04:54:49 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-15 23:06:20 (3 months ago)	Scanning/Probing (28)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-15 12:49:22 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 BlueWire Hosting	2026-02-15 12:17:47 (3 months ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:16:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:15:53.839560 2026] [security2:error] [pid 25822:tid 25822] [client 104.207.48.71:11599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teknna.com"] [uri "/.env.production"] [unique_id "aZG4-YB2eX2gVVzUoVz65wAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-15 11:41:37 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇨🇭 Origon	2026-02-15 11:33:27 (3 months ago)	http-sensitive-files - IP: 104.207.48.71 - time="2026-02-15T12:33:27+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.48.71 - time="2026-02-15T12:33:27+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.48.71 (BR/200373) : 4h ban on Ip 104.207.48.71" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:57:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:57:04.660960 2026] [security2:error] [pid 18185:tid 18202] [client 104.207.48.71:47573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swizzlestick.com"] [uri "/app/.env"] [unique_id "aZFgMP5BqIWf3sZml9F7uQAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:28:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:28:51.129557 2026] [security2:error] [pid 3038:tid 3038] [client 104.207.48.71:44297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mytemp.info"] [uri "/new/.git/config"] [unique_id "aZEvYx1rCZnIr_BXLCiFEwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:57:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:57:06.291820 2026] [security2:error] [pid 2371487:tid 2371487] [client 104.207.48.71:20275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "southsideaccountingservices.com"] [uri "/.env.local"] [unique_id "aZEn8laG5Wpa2OibWiIYbwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:21:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:21:17.138072 2026] [security2:error] [pid 16796:tid 16796] [client 104.207.48.71:60273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mundanestudies.org"] [uri "/backup/.git/config"] [unique_id "aZEfjd7GdebxIVlnrWf7jQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:52:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:52:30.278730 2026] [security2:error] [pid 27008:tid 27008] [client 104.207.48.71:31567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrgutierrezshow.com"] [uri "/test/.git/config"] [unique_id "aZEYzorZs0Jz_jugqZagrwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:47:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:47:29.738732 2026] [security2:error] [pid 20570:tid 20570] [client 104.207.48.71:48851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loftonboys.com"] [uri "/.env.production"] [unique_id "aZEJkRcaaW_WPeNlRoxRgwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:44:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.48.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:43:33.206185 2026] [security2:error] [pid 16820:tid 16820] [client 104.207.48.71:21923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limolaketahoe.com"] [uri "/dev/.git/config"] [unique_id "aZD6lT3eUqg7zlbzKcgO_QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 22:06:21 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 212.39.70.195

🇨🇳 118.196.56.74

🇰🇷 14.55.31.113

🇿🇦 196.192.181.202

🇸🇬 159.65.2.17

🇨🇦 154.64.65.90

🇵🇱 143.20.97.216

🇬🇧 104.248.161.154

🇮🇩 36.81.70.131

🇸🇬 8.219.190.201

🇮🇩 203.175.125.130

🇨🇳 182.204.181.194

🇨🇿 178.72.192.11

🇮🇳 117.245.140.189

🇬🇧 89.37.172.156

🇲🇦 41.140.36.156

🇩🇪 216.25.126.14

🇺🇸 169.197.88.115

🇩🇰 152.115.85.22

🇺🇸 107.167.34.125