JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.2

104.207.45.2 was found in our database!

This IP was reported 94 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.2

Whois 104.207.45.2

IP Abuse Reports for 104.207.45.2:

This IP address has been reported a total of 94 times from 20 distinct sources. 104.207.45.2 was first reported on June 12th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-03 23:12:41 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 jjnxpct	2026-02-19 04:50:41 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Web App Attack Hacking
🇩🇪 Petros Stefanakis	2026-02-18 02:32:01 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.45.2 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-18 02:05:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:04:58.584735 2026] [security2:error] [pid 14090:tid 14090] [client 104.207.45.2:32019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-cook-islands.com"] [uri "/frontend/.env"] [unique_id "aZUeSsWslXOq40Zp2vwz1gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:50:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:50:16.637028 2026] [security2:error] [pid 23697:tid 23697] [client 104.207.45.2:46619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulshorrock.com"] [uri "/.env.production"] [unique_id "aZUMyGd_xT2RkiH2rjGcawAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-26 21:01:21 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:02:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:02:27.636624 2025] [security2:error] [pid 13718:tid 13718] [client 104.207.45.2:25453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thingstodonude.com"] [uri "/.svn/wc.db"] [unique_id "aSQfI1xdzCaBQmWqAdUdKQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:17:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:17:18.657770 2025] [security2:error] [pid 8528:tid 8528] [client 104.207.45.2:9705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ik3co.com"] [uri "/.svn/wc.db"] [unique_id "aSQGfprd1YwY-bgTspV5gAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:37:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:37:05.335633 2025] [security2:error] [pid 4851:tid 4851] [client 104.207.45.2:32039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.blucielocapital.com"] [uri "/.env"] [unique_id "aSPvAQbNDr4l8xhvqZZIvAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:48:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:48:26.580973 2025] [security2:error] [pid 19766:tid 19766] [client 104.207.45.2:38339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bradjohnsonqh.com"] [uri "/.svn/wc.db"] [unique_id "aSPjmqUYizGdxHR7zGAC5QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:22:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:22:30.839180 2025] [security2:error] [pid 4992:tid 4992] [client 104.207.45.2:38529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pelicancovecondo.com"] [uri "/.git/HEAD"] [unique_id "aSPdhg4u_-l4K6q9AdHfiwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-29 14:24:19 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇿 lp	2025-10-17 21:19:55 (7 months ago)	SSH Brute force: 1 attempts were recorded from 104.207.45.2 2025-10-17T22:21:55+02:00 Connection clo ... show more SSH Brute force: 1 attempts were recorded from 104.207.45.2 2025-10-17T22:21:55+02:00 Connection closed by authenticating user root 104.207.45.2 port 54313 [preauth] show less	Brute-Force SSH
Anonymous	2025-10-17 20:11:41 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 94 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 184.105.139.90

🇧🇷 205.210.31.141

🇺🇸 162.216.149.129

🇫🇮 147.185.133.72

🇨🇳 114.220.176.69

🇪🇪 109.206.241.199

🇺🇸 103.234.62.70

🇺🇸 91.230.168.106

🇳🇱 85.11.167.7

🇷🇴 80.94.92.168

🇺🇸 66.249.66.72

🇺🇸 64.62.156.50

🇺🇸 216.25.89.156

🇩🇪 213.209.159.56

🇬🇧 213.166.84.39

🇧🇪 198.235.24.162

🇸🇬 194.164.107.4

🇧🇴 181.115.161.122

🇳🇱 176.65.148.244

🇦🇷 168.197.250.14