JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.48

104.207.45.48 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.48

Whois 104.207.45.48

IP Abuse Reports for 104.207.45.48:

This IP address has been reported a total of 141 times from 23 distinct sources. 104.207.45.48 was first reported on June 7th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-04-25 09:18:58 (1 month ago)	Form spam	Web Spam
🇺🇸 raiansar	2026-01-05 00:39:06 (5 months ago)	Banned by fail2ban for wordpress-login	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-01-03 03:49:26 (5 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-01-02 22:33:08 (5 months ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 MAGIC	2025-12-07 00:01:09 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-03 10:50:46 (6 months ago)	botnet	DDoS Attack
🇦🇺 2000cn.com.au	2025-12-02 17:00:40 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 09:01:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 04:01:52.892437 2025] [security2:error] [pid 3841:tid 3841] [client 104.207.45.48:36823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gun-laws-by-state.com"] [uri "/.env"] [unique_id "aS6rADCeLYXgUKIabd_4GQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 01:23:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 20:23:37.775091 2025] [security2:error] [pid 4768:tid 4768] [client 104.207.45.48:19489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carphotoframes.biz"] [uri "/.svn/wc.db"] [unique_id "aS4_mYqEunu-vHELH1bRZgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:10:00 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 06:24:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:23:58.815276 2025] [security2:error] [pid 14226:tid 14311] [client 104.207.45.48:21747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thetooheys.com"] [uri "/.env"] [unique_id "aSVLfpF6HRvJfyrmJlm6tQAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:43:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:43:29.897699 2025] [security2:error] [pid 6660:tid 6660] [client 104.207.45.48:16561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.khaoula.com"] [uri "/.git/HEAD"] [unique_id "aSUz8ZGdQysPf9XvVqAawgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:13:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:13:16.400047 2025] [security2:error] [pid 12804:tid 12804] [client 104.207.45.48:45825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thommesen.net"] [uri "/.git/HEAD"] [unique_id "aSUs3GpbnRtZ92ba6C3NvwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:57:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:57:50.891073 2025] [security2:error] [pid 28181:tid 28181] [client 104.207.45.48:34735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.internetnameregistration.com"] [uri "/.svn/wc.db"] [unique_id "aSUpPp55c6IUkd1XdX7GEgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-18 04:41:59 (6 months ago)	Form spam	Web Spam

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇲 102.23.122.235

🇨🇳 36.135.93.37

🇰🇷 34.22.82.157

🇯🇵 8.216.4.247

🇩🇪 213.209.159.242

🇧🇪 198.235.24.209

🇳🇱 176.65.139.22

🇹🇹 161.0.246.193

🇪🇬 154.177.212.14

🇺🇸 64.62.197.114

🇵🇾 45.228.139.138

🇺🇸 34.22.40.255

🇸🇬 8.219.165.219

🇬🇧 195.206.182.198

🇺🇸 185.191.171.17

🇮🇱 109.186.15.169

🇵🇰 103.72.1.123

🇵🇱 87.251.64.156

🇲🇦 81.192.46.32

🇷🇴 80.94.92.130