JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.61.48

104.207.61.48 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.61.48

Whois 104.207.61.48

IP Abuse Reports for 104.207.61.48:

This IP address has been reported a total of 134 times from 16 distinct sources. 104.207.61.48 was first reported on June 20th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Reinhard	2026-05-30 10:11:03 (1 week ago)	Parameter or path manipulation, hacking. /dump.sql	Hacking
Anonymous	2025-12-21 12:36:15 (5 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 23:01:34 (5 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇵🇱 sefinek.net	2025-12-12 21:29:32 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 Burayot	2025-12-11 03:53:42 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.61.48 (CA/Canada/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.61.48 (CA/Canada/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-12-07 12:08:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:08:18.684813 2025] [security2:error] [pid 25821:tid 25833] [client 104.207.61.48:40745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advertisingfirm.org"] [uri "/.git/HEAD"] [unique_id "aTVuMmFzg3cGrUb-LHwAtQAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 10:53:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 05:53:20.176312 2025] [security2:error] [pid 4775:tid 4775] [client 104.207.61.48:11387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bofill.name"] [uri "/.svn/wc.db"] [unique_id "aTQLIPUkFo5a5g1qmZIseQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:33:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:33:10.418819 2025] [security2:error] [pid 14317:tid 14317] [client 104.207.61.48:51165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metcomarine.com"] [uri "/.git/HEAD"] [unique_id "aTJultOUpeSdfWoWiPbPIgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 04:44:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 23:44:15.913556 2025] [security2:error] [pid 23377:tid 23377] [client 104.207.61.48:12557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diuana.com"] [uri "/.env"] [unique_id "aTJjH6mk4SVZSi9NjpV6OQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:02:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:02:55.239566 2025] [security2:error] [pid 1070:tid 1070] [client 104.207.61.48:15495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cariofarm.caribbeancoders.com"] [uri "/.svn/wc.db"] [unique_id "aSaYD3IzcKvlIfXuQuzYzwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:39:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:39:47.782897 2025] [security2:error] [pid 16934:tid 16967] [client 104.207.61.48:41587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.boracayboats.com"] [uri "/.svn/wc.db"] [unique_id "aSaSoxKESCEx-WKRVnsmkQAAAYM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:54:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:54:38.651651 2025] [security2:error] [pid 4085:tid 4085] [client 104.207.61.48:23673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.timjbutler.com"] [uri "/.svn/wc.db"] [unique_id "aSZr7mxskZFoonBCMTmJTQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:16:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:16:52.577304 2025] [security2:error] [pid 1341:tid 1341] [client 104.207.61.48:56381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.anywheregarden.com"] [uri "/.svn/wc.db"] [unique_id "aSZVBDZbbdMQK42IsxDA-QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:38:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.61.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:38:02.435521 2025] [security2:error] [pid 801837:tid 801837] [client 104.207.61.48:38367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kobraagencies.com"] [uri "/.git/HEAD"] [unique_id "aSUyqp-a1lLN0yLai7psmgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.223.152.168

🇷🇺 185.40.30.168

🇿🇦 105.28.108.165

🇨🇳 221.202.230.235

🇲🇿 197.158.0.176

🇫🇷 172.234.162.226

🇰🇷 58.224.62.29

🇲🇾 47.250.155.223

🇳🇱 45.156.128.130

🇭🇰 144.86.173.186

🇰🇷 125.138.70.110

🇨🇭 104.244.76.136

🇫🇷 85.217.140.38

🇳🇱 45.148.10.157

🇸🇬 43.106.83.236

🇺🇸 129.212.183.98

🇨🇳 122.227.137.54

🇭🇰 118.107.16.252

🇳🇬 105.127.15.96

🇬🇧 45.137.126.68