JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.52

104.207.45.52 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.52

Whois 104.207.45.52

IP Abuse Reports for 104.207.45.52:

This IP address has been reported a total of 155 times from 25 distinct sources. 104.207.45.52 was first reported on June 6th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-06 13:58:45 (8 hours ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:26:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:26:41.072298 2026] [security2:error] [pid 13367:tid 13367] [client 104.207.45.52:44121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lazymanvegan.com"] [uri "/test/.git/config"] [unique_id "aY8mkf3CFN0oZ7ZxEs1T4AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:40:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:40:27.969089 2026] [security2:error] [pid 13720:tid 13720] [client 104.207.45.52:31907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microbikinitop.com"] [uri "/dev/.git/config"] [unique_id "aY8bu0rN-7KzWAcYvYeTIgAAAHE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-13 04:48:26 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/config (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/config] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:46:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:46:49.388421 2026] [security2:error] [pid 28432:tid 28432] [client 104.207.45.52:22483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mark.rawlings.name"] [uri "/.env"] [unique_id "aY6eqaCdIokNj1-PA8z53AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:00:18 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 16:06:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:05:57.963143 2026] [security2:error] [pid 16061:tid 16061] [client 104.207.45.52:45771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "directnic-support.rocks"] [uri "/.git/config"] [unique_id "aY36ZW8UT9nWNXoRsM4XUwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:08:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:08:01.220144 2026] [security2:error] [pid 3287:tid 3287] [client 104.207.45.52:57381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corepsychotherapycenter.com"] [uri "/.git/config"] [unique_id "aY3s0VeNGDGLZkgl4FrkmQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 07:57:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 02:57:40.130508 2026] [security2:error] [pid 17584:tid 17596] [client 104.207.45.52:17867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabegabel.com"] [uri "/frontend/.env"] [unique_id "aYw2dLU4iJCVzsQgfFvdfAAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 22:16:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:16:05.959104 2026] [security2:error] [pid 31192:tid 31192] [client 104.207.45.52:24607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingangelinvestors.com"] [uri "/.env.local"] [unique_id "aYuuJTS-ABZ9tPin-ObOGAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:34:22 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇳🇱 Mangelot Hosting	2026-01-17 10:36:34 (4 months ago)	(bad_user_agent) srv103 Bad User-Agent 104.207.45.52 (US/United States/-): 10 in the last 3600 secs; ... show more (bad_user_agent) srv103 Bad User-Agent 104.207.45.52 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:16 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 COMPLEX	2025-12-14 23:07:46 (5 months ago)	Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
Anonymous	2025-12-12 18:15:52 (5 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.148.10.147

🇮🇳 20.219.39.254

🇺🇸 216.24.219.147

🇪🇸 196.196.150.5

🇨🇦 192.95.10.204

🇹🇭 182.52.50.193

🇬🇧 176.35.253.54

🇺🇸 172.56.216.217

🇺🇸 162.216.150.223

🇫🇷 79.143.189.29

🇳🇱 46.151.178.13

🇳🇱 45.148.10.152

🇹🇼 202.39.153.245

🇩🇪 165.227.170.113

🇲🇾 60.54.181.113

🇧🇷 43.157.180.116

🇨🇳 39.96.159.29

🇺🇸 20.127.202.110

🇮🇪 3.250.69.79

🇷🇴 2.57.122.238