JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.45.7

104.207.45.7 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.45.7

Whois 104.207.45.7

IP Abuse Reports for 104.207.45.7:

This IP address has been reported a total of 90 times from 19 distinct sources. 104.207.45.7 was first reported on July 3rd 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 todix	2026-06-15 00:32:57 (1 week ago)	Web App Attack Exploid from 104.207.45.7	Web App Attack
🇩🇪 FeG Deutschland	2026-06-14 10:49:54 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 Carsten	2026-05-30 21:35:16 (3 weeks ago)	bad web bot	Port Scan
Anonymous	2026-04-14 03:05:02 (2 months ago)	Blocked: Reason='Possible SQL injection activity (253/60 min)'; Requests=253	SQL Injection
🇪🇸 librebit	2026-04-08 07:29:32 (2 months ago)	Brute force	Brute-Force
🇬🇧 Swiptly	2026-01-07 16:24:27 (5 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇩🇪 HandyTreff.de	2026-01-01 13:56:13 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -71.587 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -71.587 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0 show less	Bad Web Bot Web App Attack
🇨🇦 Tanados	2025-12-30 08:45:15 (5 months ago)	Blocked by UFW [80/tcp] Source port: 12653 TTL: 51 Packet length: 60 TOS: 0x00 This report was gene ... show more Blocked by UFW [80/tcp] Source port: 12653 TTL: 51 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 myagent.site	2025-12-29 06:45:28 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-29 06:23:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:23:02.497095 2025] [security2:error] [pid 13296:tid 13296] [client 104.207.45.7:19279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jamesmsmall.com"] [uri "/.svn/wc.db"] [unique_id "aVIeRqtAlG0HmNiN6-Q6DgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:57:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:57:05.592802 2025] [security2:error] [pid 4500:tid 4500] [client 104.207.45.7:20457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iostation.com"] [uri "/.env"] [unique_id "aVIKIecbj4DGTw-rOvFpJAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 15:20:31 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇦🇺 MAGIC	2025-12-07 00:01:10 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 23:22:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:22:45.259763 2025] [security2:error] [pid 13959:tid 13959] [client 104.207.45.7:35389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atmoorehealthcare.com"] [uri "/.svn/wc.db"] [unique_id "aS90xa-Hdxvep8E9KYHQAAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:12:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.45.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:12:26.056766 2025] [security2:error] [pid 26657:tid 26657] [client 104.207.45.7:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perl-photo.com"] [uri "/.svn/wc.db"] [unique_id "aS8B2ku_c47Nhx6O50Ru8gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 213.180.203.120

🇺🇸 169.136.208.64

🇧🇷 168.0.227.214

🇧🇷 168.0.227.119

🇹🇷 91.151.95.146

🇲🇦 81.192.46.36

🇳🇱 45.148.10.141

🇻🇪 38.171.38.123

🇺🇸 20.9.26.126

🇦🇷 190.220.172.154

🇧🇷 167.249.97.32

🇧🇩 165.101.222.23

🇨🇦 142.44.233.163

🇺🇸 104.234.53.98

🇮🇳 103.233.171.196

🇫🇮 94.183.234.128

🇳🇱 91.92.40.231

🇮🇱 87.71.5.165

🇪🇪 83.166.50.15

🇪🇸 80.24.1.119