JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.148

104.207.44.148 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.148

Whois 104.207.44.148

IP Abuse Reports for 104.207.44.148:

This IP address has been reported a total of 142 times from 23 distinct sources. 104.207.44.148 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-05-21 19:53:44 (2 weeks ago)	(wordpress) Failed wordpress login from 104.207.44.148 (US/United States/Virginia/Ashburn/-/[redacte ... show more (wordpress) Failed wordpress login from 104.207.44.148 (US/United States/Virginia/Ashburn/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇪🇸 librebit	2026-03-21 01:02:15 (2 months ago)	Brute force	Brute-Force
🇩🇪 F242	2026-01-30 05:10:34 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2026-01-02 20:06:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 15:06:52.973109 2026] [security2:error] [pid 624:tid 624] [client 104.207.44.148:12065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pastorjohndunning.com"] [uri "/.git/HEAD"] [unique_id "aVglXCipXvqeRIIwMp4T3AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-21 12:17:03 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-06 10:16:49 (6 months ago)	WP Login Scan Activities	Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-24 22:59:25 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-24	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-24 04:56:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:56:41.678835 2025] [security2:error] [pid 15038:tid 15038] [client 104.207.44.148:21359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tjsworld.net"] [uri "/.env"] [unique_id "aSPliSUzc4_TI40t95J19AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:01:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:01:12.120521 2025] [security2:error] [pid 8320:tid 8320] [client 104.207.44.148:45631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dmbarlow.us"] [uri "/.env"] [unique_id "aSPYiIiLEHYgWrtsUAJgtAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:39:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:39:03.564427 2025] [security2:error] [pid 15794:tid 15799] [client 104.207.44.148:16553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2291106.com"] [uri "/.git/HEAD"] [unique_id "aSPTV033WdBY9AO05A3voQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 02:26:25 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-01 19:33:49 (7 months ago)	[redacted] 104.207.44.148 - - [01/Nov/2025:20:33:29 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" " ... show more [redacted] 104.207.44.148 - - [01/Nov/2025:20:33:29 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; Windows NT 5.1; SV1; .NET CLR 1.1.4322)" [redacted] 104.207.44.148 - - [01/Nov/2025:20:33:39 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; en-us) AppleWebKit/533.16 (KHTML, like Gecko) Version/5.0 Safari/533.16" [redacted] 104.207.44.148 - - [01/Nov/2025:20:33:40 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_6; en-us) AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.1 Safari/525.27.1" [redacted] 104.207.44.148 - - [01/Nov/2025:20:33:41 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53" [redacted] 104.207.44.1 ... show less	Hacking Web App Attack
🇩🇪 Marc	2025-10-29 19:49:05 (7 months ago)		Brute-Force Web App Attack
🇦🇺 AWW-Admin	2025-10-29 16:19:32 (7 months ago)	(wordpress) Failed wordpress login from 104.207.44.148 (US/United States/-)	Brute-Force
🇮🇩 BPS-StatisticsIndonesia	2025-10-28 20:20:40 (7 months ago)	WP Login Scan Activities	Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 144.48.130.189

🇹🇷 78.173.8.239

🇰🇷 59.15.58.148

🇺🇸 38.77.223.157

🇦🇺 34.129.40.198

🇰🇷 222.107.156.227

🇪🇹 213.55.92.81

🇮🇳 151.158.52.51

🇵🇱 87.251.64.146

🇰🇷 34.64.198.200

🇳🇱 213.177.179.157

🇨🇱 201.241.178.136

🇵🇱 195.3.220.7

🇳🇱 176.65.149.220

🇳🇱 159.223.213.49

🇮🇳 152.59.147.101

🇩🇪 144.31.80.14

🇩🇪 93.200.155.148

🇪🇸 81.43.131.250

🇫🇮 74.125.46.30