JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.116

104.207.44.116 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.116

Whois 104.207.44.116

IP Abuse Reports for 104.207.44.116:

This IP address has been reported a total of 145 times from 24 distinct sources. 104.207.44.116 was first reported on June 8th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-20 03:32:25 (2 days ago)	Web App Attack	Web App Attack
🇪🇸 librebit	2026-05-17 04:45:07 (1 month ago)	Brute force	Brute-Force
🇩🇪 HandyTreff.de	2026-04-14 15:59:03 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -102.265 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -102.265 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (compatible; SecurityScanner/1.0) show less	Web App Attack Bad Web Bot
🇬🇧 relianoid.com	2025-12-22 16:22:54 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇱🇻 garmtech.com	2025-11-28 10:02:33 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-02.104.207.44.116.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-02.104.207.44.116.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:23:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:22:57.486800 2025] [security2:error] [pid 23542:tid 23542] [client 104.207.44.116:14383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.southernislands.com"] [uri "/.env"] [unique_id "aSVZUeB73MIvlPhGqNLiQAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:34:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:33:57.954233 2025] [security2:error] [pid 4305:tid 4305] [client 104.207.44.116:23277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mldlnn.com"] [uri "/.git/HEAD"] [unique_id "aSVN1UM_HMFB74P1rwM_YAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:18:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:18:04.264098 2025] [security2:error] [pid 22419:tid 22419] [client 104.207.44.116:45965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doctorbalog.com"] [uri "/.env"] [unique_id "aSUt_HF7Uq3iRsyD7mkrXAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:19:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:18:57.614359 2025] [security2:error] [pid 8271:tid 8271] [client 104.207.44.116:55561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sfpantry.com"] [uri "/.svn/wc.db"] [unique_id "aSQU8Q121rjTgjQT3-7jKAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:21.741816 2025] [security2:error] [pid 20156:tid 20156] [client 104.207.44.116:19295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.alan-ip.com"] [uri "/.env"] [unique_id "aSPf1fCDqchwYnKmSJQcvQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:16:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:16:51.140849 2025] [security2:error] [pid 26359:tid 26359] [client 104.207.44.116:11115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.conventfriends.org"] [uri "/.svn/wc.db"] [unique_id "aSPcM1nRs2pPyYJt_5TdHAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 22:22:23 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇭🇺 bcsaba	2025-10-30 09:12:31 (7 months ago)	CMS (WordPress or Joomla) login attempt. 104.207.44.116 - - [30/Oct/2025:10:12:26 +0100] "POST /wp-l ... show more CMS (WordPress or Joomla) login attempt. 104.207.44.116 - - [30/Oct/2025:10:12:26 +0100] "POST /wp-login.php HTTP/1.1" 200 11063 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" show less	Hacking Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-29 07:55:42 (7 months ago)	GlobalProtect login attempts with user mwaltzer.	VPN IP Brute-Force
🇨🇦 wil.com	2025-10-29 06:54:49 (7 months ago)	GlobalProtect login attempts with user schoenweitz.	VPN IP Brute-Force

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 192.177.153.151

🇨🇳 218.78.60.105

🇳🇱 195.178.110.26

🇳🇱 193.142.146.55

🇨🇳 47.92.248.102

🇵🇰 2400:adc1:174:c300:50e6:8ded:e67:4244

🇷🇴 193.46.255.86

🇨🇳 180.123.107.218

🇧🇷 128.201.45.150

🇻🇳 113.190.40.93

🇺🇸 107.167.232.11

🇺🇸 3.83.188.121

🇬🇧 217.146.80.109

🇺🇦 194.42.205.100

🇧🇷 177.129.252.53

🇸🇬 172.217.47.26

🇮🇩 160.25.46.84

🇺🇸 150.107.38.213

🇬🇧 138.68.153.47

🇻🇳 113.163.105.62