JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.151

104.207.45.151 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.151

Whois 104.207.45.151

IP Abuse Reports for 104.207.45.151:

This IP address has been reported a total of 140 times from 22 distinct sources. 104.207.45.151 was first reported on May 24th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 04:08:05 (2 weeks ago)	Brute force	Brute-Force
Anonymous	2026-04-28 08:57:40 (1 month ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-11 20:18:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:18:49.518611 2026] [security2:error] [pid 10909:tid 10909] [client 104.207.45.151:22431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archmediaptyltd.com"] [uri "/.env.save"] [unique_id "aYzkKWG7wQdu1I8Tty9E8AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:23:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:23:49.081283 2026] [security2:error] [pid 30640:tid 30640] [client 104.207.45.151:33677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kircali.net"] [uri "/admin/.env"] [unique_id "aYqkxftap9gBUjMJK3aZ2gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:04:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:04:32.743791 2026] [security2:error] [pid 3602:tid 3602] [client 104.207.45.151:13997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madrigalscripts.com"] [uri "/app/.git/config"] [unique_id "aYqgQKQGdceFY66cdFtGGQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:23:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:23:25.686932 2026] [security2:error] [pid 5269:tid 5294] [client 104.207.45.151:22145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimbleproperties.com"] [uri "/app/.env"] [unique_id "aYqWnbk8htmo_Z-NcJ698AAAAJc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 02:18:26 (3 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇬🇧 poundawebsiteltd	2026-02-09 22:01:58 (3 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 104.207.45.151 - - [09/Feb/2026:2 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 104.207.45.151 - - [09/Feb/2026:22:01:52 +0000] GET /dev/.git/config HTTP/1.1 403 214 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack
🇨🇳 ThreatBook.io	2026-01-15 01:26:11 (4 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/104.207.45.151 20 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/104.207.45.151 2026-01-14 06:34:49 /.git/HEAD show less	Web App Attack
🇮🇹 Rosh	2026-01-12 08:52:23 (4 months ago)	[01/12/26 09:52:23] 1 attack: /wp-login.php (severity 10);	Web App Attack
Anonymous	2026-01-11 20:25:15 (4 months ago)	"GET /wp-login.php HTTP/1.1"	Hacking Web App Attack
Anonymous	2025-12-11 16:05:21 (5 months ago)	botnet	DDoS Attack
🇨🇭 backslash	2025-12-02 14:50:03 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-01 03:24:36 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 22:24:31.024963 2025] [security2:error] [pid 22680:tid 22680] [client 104.207.45.151:58151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|renjunews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "renjunews.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aS0Kbwr5ykgBVHtpQcZKEAAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:17:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:17:38.986700 2025] [security2:error] [pid 20932:tid 20932] [client 104.207.45.151:14165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.parastesh.org"] [uri "/.env"] [unique_id "aSPcYs92rRMST9PSBEU0FwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.189.102.143

🇺🇸 185.149.26.71

🇻🇳 118.70.13.2

🇰🇷 112.216.129.27

🇧🇬 91.191.209.98

🇳🇱 85.121.127.159

🇩🇪 213.209.159.56

🇧🇷 205.210.31.180

🇬🇧 195.140.214.30

🇺🇸 35.202.9.133

🇮🇷 5.202.169.252

🇨🇳 223.111.114.4

🇺🇸 173.239.213.14

🇯🇵 133.18.180.27

🇨🇳 122.244.59.186

🇧🇪 104.199.38.93

🇺🇸 104.131.36.27

🇮🇳 103.230.155.34

🇮🇳 103.20.231.11

🇺🇸 66.132.195.22