JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.11

104.207.44.11 was found in our database!

This IP was reported 87 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.11

Whois 104.207.44.11

IP Abuse Reports for 104.207.44.11:

This IP address has been reported a total of 87 times from 15 distinct sources. 104.207.44.11 was first reported on June 11th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-29 00:24:28 (1 week ago)	2.171 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇮🇹 VHosting	2025-12-23 18:25:04 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 09:01:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:01:30.915243 2025] [security2:error] [pid 31891:tid 31891] [client 104.207.44.11:49627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lyndon.stamford.org"] [uri "/.env"] [unique_id "aSQe6vl7KZ9aZkl5ATs4QQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:20:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:20:23.349619 2025] [security2:error] [pid 13941:tid 13999] [client 104.207.44.11:41379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ouye.org"] [uri "/.git/HEAD"] [unique_id "aSQHN_SSVFm8noxFLWxcSgAAAVU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:02:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:02:05.542095 2025] [security2:error] [pid 4198:tid 4198] [client 104.207.44.11:37595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.promoadvocate.com"] [uri "/.git/HEAD"] [unique_id "aSQC7T6g_cxyxkqAJDrXfwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:08:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:08:11.805997 2025] [security2:error] [pid 3390263:tid 3390263] [client 104.207.44.11:41823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "copiershickory.computersraleigh.com"] [uri "/.svn/wc.db"] [unique_id "aSP2Sw6Y68L-6YIjnlwhPAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:20:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:20:49.978182 2025] [security2:error] [pid 4092:tid 4092] [client 104.207.44.11:21267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.vrbsroma.com"] [uri "/.svn/wc.db"] [unique_id "aSPrMb-TwyC3wBKiHinRKwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:39:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:38:56.699573 2025] [security2:error] [pid 1990:tid 1990] [client 104.207.44.11:16775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.dogandponyband.com"] [uri "/.env"] [unique_id "aSPhYKlKSl1twibT_wwgBgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:59:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:59:19.926837 2025] [security2:error] [pid 2704:tid 2704] [client 104.207.44.11:54785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.laecovillage.org"] [uri "/.git/HEAD"] [unique_id "aSPYF4dvmu8rUT6yWhGZrgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-16 07:14:45 (6 months ago)		Bad Web Bot
Anonymous	2025-11-14 05:08:49 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇳🇱 i-turnradio.nl	2025-11-09 12:11:50 (6 months ago)	2025-11-09 @ 13:11:50 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇧🇷 hostseries	2025-10-16 11:23:51 (7 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2025-10-16 07:40:40 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-15 15:04:09 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 87 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 94.241.143.14

🇩🇪 43.228.157.9

🇸🇬 206.206.78.248

🇩🇪 202.71.141.170

🇩🇪 195.179.230.95

🇧🇷 190.89.137.58

🇨🇴 179.33.186.150

🇭🇰 165.154.41.205

🇯🇵 139.162.70.53

🇮🇳 116.206.157.245

🇨🇳 106.41.74.90

🇺🇸 71.92.74.74

🇸🇬 43.173.180.22

🇮🇹 34.154.146.167

🇺🇸 2604:a880:2:d1:0:1:51da:d001

🇺🇸 216.73.216.212

🇺🇸 162.243.228.110

🇨🇳 101.126.22.12

🇭🇺 89.134.210.182

🇩🇪 85.235.65.194