JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.123

104.207.44.123 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.123

Whois 104.207.44.123

IP Abuse Reports for 104.207.44.123:

This IP address has been reported a total of 150 times from 21 distinct sources. 104.207.44.123 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 12:07:23 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇬🇧 PeravixGroup	2026-05-07 20:18:09 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-07 11:56:33 (1 month ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 relianoid.com	2026-03-18 09:55:35 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 07:17:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:17:29.681026 2026] [security2:error] [pid 2887:tid 2887] [client 104.207.44.123:52701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kulprid.com"] [uri "/backend/.env"] [unique_id "aY7QCZX6nunkJ4ZJgX6UIAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-13 05:02:49 (4 months ago)	Try to access /api/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:24:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:24:48.076396 2026] [security2:error] [pid 25994:tid 25994] [client 104.207.44.123:54269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirkrmartin.com"] [uri "/api/.env"] [unique_id "aY6nkCVhjbYtqCcUiPugFQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 03:06:33 (4 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:26 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 15:15:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:15:08.375604 2026] [security2:error] [pid 17226:tid 17226] [client 104.207.44.123:38781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bamedica.com"] [uri "/.git/config"] [unique_id "aY3ufKrJ2Wi6DzcfOVKHLgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:36:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:36:52.116800 2026] [security2:error] [pid 30741:tid 30741] [client 104.207.44.123:34663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cptaxadvisors.com"] [uri "/backend/.env"] [unique_id "aY08xOv1hTxX_5EuSrot1wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 18:17:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 13:17:03.633605 2026] [security2:error] [pid 30573:tid 30573] [client 104.207.44.123:19807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "educationhelptips.com"] [uri "/admin/.git/config"] [unique_id "aYzHn5Pk_R-KBB3lxFDw7wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-11 12:16:24 (4 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-11 11:29:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 06:29:08.179309 2026] [security2:error] [pid 18338:tid 18338] [client 104.207.44.123:26313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "countylockup.org"] [uri "/new/.git/config"] [unique_id "aYxoBAektM-3IL0yUYsQigAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 03:47:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 22:47:18.903757 2026] [security2:error] [pid 2586326:tid 2586353] [client 104.207.44.123:34031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cornell61.org"] [uri "/api/.env"] [unique_id "aYv7xg22T0r26yshzlE4nAAAARc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 158.101.161.27

🇹🇭 182.53.207.106

🇻🇳 103.186.101.237

🇧🇪 34.62.201.7

🇺🇸 23.94.61.208

🇺🇸 2607:f8b0:4001:c14::12e

🇧🇷 205.210.31.176

🇬🇧 35.203.210.146

🇰🇷 222.232.176.7

🇫🇷 213.199.52.197

🇧🇷 205.210.31.232

🇺🇸 205.210.31.58

🇪🇸 95.175.95.172

🇳🇱 91.92.40.5

🇩🇪 4.182.219.135

🇫🇷 185.177.72.58

🇮🇷 185.155.8.37

🇺🇸 147.185.132.33

🇨🇳 112.0.139.128

🇺🇸 20.29.8.147