JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.38

104.207.45.38 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.38

Whois 104.207.45.38

IP Abuse Reports for 104.207.45.38:

This IP address has been reported a total of 127 times from 12 distinct sources. 104.207.45.38 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:00:27 (2 weeks ago)		Bad Web Bot
🇪🇸 10dencehispahard SL	2026-01-26 07:34:18 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-02 22:07:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:07:22.890678 2025] [security2:error] [pid 25871:tid 25871] [client 104.207.45.38:43857] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "njoyquilts.com"] [uri "/.git/HEAD"] [unique_id "aS9jGsH_8gSnHj00RgNAcAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:47:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:47:17.382483 2025] [security2:error] [pid 25550:tid 25550] [client 104.207.45.38:53075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mirai-labo.com"] [uri "/.git/HEAD"] [unique_id "aS8mJRzzkAlluWop5f_2YwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 16:17:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:17:11.819178 2025] [security2:error] [pid 19043:tid 19043] [client 104.207.45.38:36239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icoinedthewordironesty.com"] [uri "/.svn/wc.db"] [unique_id "aS8RB-lEgWq5xj4Uv4qCpgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:25:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:25:28.953370 2025] [security2:error] [pid 17184:tid 17184] [client 104.207.45.38:11277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markshvarts.com"] [uri "/.git/HEAD"] [unique_id "aS8E6Hogi7pXhBb4msqo8wAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 14:32:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 09:32:33.724212 2025] [security2:error] [pid 24291:tid 24291] [client 104.207.45.38:49269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "friendlyfarm4fun.com"] [uri "/.env"] [unique_id "aS74gTHEvXenmFw-Cv9zVwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:48:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:48:27.749507 2025] [security2:error] [pid 28583:tid 28583] [client 104.207.45.38:22769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "five21.com"] [uri "/.env"] [unique_id "aS59qyeIku24DoYfJ6dSOgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:35:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:35:16.674378 2025] [security2:error] [pid 24105:tid 24105] [client 104.207.45.38:30373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "snapdragonworkshops.com"] [uri "/.svn/wc.db"] [unique_id "aS5shKhpW6FGIUmv3mVAJQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:03:39 (6 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24. show less	Hacking Web App Attack SSH
🇳🇱 homeshowdomain.nl	2025-11-24 23:02:18 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-24	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 03:59:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:59:48.160382 2025] [security2:error] [pid 6716:tid 6716] [client 104.207.45.38:46603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cincypcs.savingshvac.com"] [uri "/.svn/wc.db"] [unique_id "aSPYNCTW7ycQDqFnt797UgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:06:32 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-17 21:04:27 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-16 00:34:15 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.34

🇧🇷 191.210.133.134

🇺🇸 173.255.221.189

🇺🇸 148.153.121.146

🇺🇸 64.62.156.132

🇺🇸 63.135.161.56

🇫🇷 62.210.207.172

🇭🇰 47.239.61.98

🇫🇷 37.58.136.133

🇯🇵 34.84.124.66

🇭🇰 20.205.34.2

🇳🇱 176.65.139.214

🇺🇸 172.217.37.211

🇺🇸 107.173.195.221

🇫🇷 87.253.233.170

🇧🇪 35.190.210.99

🇪🇨 181.39.158.25

🇮🇩 103.27.248.36

🇳🇱 89.190.156.9

🇺🇸 82.197.83.70