JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.254

104.207.45.254 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.254

Whois 104.207.45.254

IP Abuse Reports for 104.207.45.254:

This IP address has been reported a total of 146 times from 16 distinct sources. 104.207.45.254 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 04:03:37 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-04-13 23:42:16 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-04-12 06:09:49 (1 month ago)	Attempt to scan vulnerabilities	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-24 03:19:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 22:18:55.370690 2026] [security2:error] [pid 13466:tid 13466] [client 104.207.45.254:22169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smokeydoesit.com.pages4you.com"] [uri "/.git/config"] [unique_id "aZ0Yn333Za2d0URTAPCXpgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 09:37:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 04:37:04.574674 2026] [security2:error] [pid 13500:tid 13500] [client 104.207.45.254:40251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iliketoruntoo.banis-associates.com"] [uri "/.git/config"] [unique_id "aZwfwMqU_AcAZLI5hGelBwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 03:10:34 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-14 14:43:55 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 12:30:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 07:30:15.329468 2025] [security2:error] [pid 29552:tid 29562] [client 104.207.45.254:11377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mjkotob.com"] [uri "/.svn/wc.db"] [unique_id "aShEVynAy-WiAGFsDuSbtQAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 06:20:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 01:20:38.395739 2025] [security2:error] [pid 29331:tid 29331] [client 104.207.45.254:48181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.phenoxcaribbean.com"] [uri "/.env"] [unique_id "aSfttqX75RWW3jlg4LcOxQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 21:17:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:17:08.618499 2025] [security2:error] [pid 18204:tid 18204] [client 104.207.45.254:29539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wfowisdom.com"] [uri "/.git/HEAD"] [unique_id "aSduVGPce2XYvd2bvt9qwwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:31:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:31:27.212641 2025] [security2:error] [pid 29619:tid 29619] [client 104.207.45.254:50997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.reparcol.es"] [uri "/.svn/wc.db"] [unique_id "aSbW_82ZjiY_WDj9ZpnXDQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:04:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:04:41.024119 2025] [security2:error] [pid 6500:tid 6500] [client 104.207.45.254:11415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jamworldmovements.com"] [uri "/.svn/wc.db"] [unique_id "aSamib5aPDxJt88ARurQ7QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:19:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:19:44.475908 2025] [security2:error] [pid 7228:tid 7228] [client 104.207.45.254:59801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "propertygalleria.vittariadesign.com"] [uri "/.env"] [unique_id "aSacAEx4jCCPDRBtmA-uLAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:01:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:01:27.542917 2025] [security2:error] [pid 22915:tid 22915] [client 104.207.45.254:23973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.primedancer.com"] [uri "/.env"] [unique_id "aSaXt7JBUeq0tdwKtnjmhQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 176.36.139.231

🇺🇸 156.67.71.203

🇩🇪 37.46.18.151

🇬🇧 31.14.254.13

🇧🇪 2a00:1450:400c:c1d::12b

🇱🇰 220.247.224.226

🇨🇭 209.99.186.114

🇩🇪 139.162.143.196

🇮🇳 103.16.31.204

🇨🇳 14.103.245.58

🇩🇪 217.160.224.99

🇮🇩 139.0.23.124

🇨🇳 120.27.136.38

🇰🇭 116.212.133.42

🇰🇷 112.216.129.27

🇷🇴 109.103.66.60

🇸🇬 103.134.154.36

🇺🇸 96.127.152.236

🇳🇱 77.167.80.185

🇳🇱 31.56.209.34