JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.157

104.207.44.157 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.157

Whois 104.207.44.157

IP Abuse Reports for 104.207.44.157:

This IP address has been reported a total of 153 times from 24 distinct sources. 104.207.44.157 was first reported on June 4th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-01 01:15:02 (4 days ago)	Brute force	Brute-Force
🇵🇱 sefinek.net	2026-02-14 17:57:03 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-13 09:49:25 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 10:25:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:25:28.962751 2025] [security2:error] [pid 8781:tid 8781] [client 104.207.44.157:12041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.dwiller.com"] [uri "/.svn/wc.db"] [unique_id "aSbVmGeelteLuWHBiGGNrAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 SkyDancer	2025-11-26 09:54:14 (6 months ago)	Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ... show more Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X). show less	Hacking Brute-Force
🇳🇱 i-turnradio.nl	2025-11-26 07:07:00 (6 months ago)	2025-11-26 @ 08:06:59 (CET) ~ Blocked for trying to access: /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:38:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:38:28.658513 2025] [security2:error] [pid 3599211:tid 3599225] [client 104.207.44.157:25097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.pennassociatenotary.com"] [uri "/.env"] [unique_id "aSagZCWBb6LubLi-gSEmjQAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:35:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:35:01.258719 2025] [security2:error] [pid 923728:tid 923728] [client 104.207.44.157:36741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "central-wi-coal-sales.hemihauling.com"] [uri "/.svn/wc.db"] [unique_id "aSVOFYdUIYrCL7_xvs29nAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:07:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:06:53.861900 2025] [security2:error] [pid 20846:tid 20846] [client 104.207.44.157:34049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sabbathseminars.net"] [uri "/.env"] [unique_id "aSVHfdOZeZ7YCbJJSogVxAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:51:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:51:06.718545 2025] [security2:error] [pid 20376:tid 20376] [client 104.207.44.157:45243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.hotelausland.com"] [uri "/.git/HEAD"] [unique_id "aSVDytf08UrEcp6Fob7AAgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:18:56.164340 2025] [security2:error] [pid 2992:tid 2992] [client 104.207.44.157:17655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.asterioland.com"] [uri "/.svn/wc.db"] [unique_id "aSU8QLKpFj0pKD-tu50zbwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:50:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:04.994131 2025] [security2:error] [pid 10785:tid 10785] [client 104.207.44.157:16669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.danproctor.com"] [uri "/.svn/wc.db"] [unique_id "aSU1fJ5JO8RPm9_WMLL6WQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:29:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:29:15.571685 2025] [security2:error] [pid 12765:tid 12765] [client 104.207.44.157:38855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "piedmontlandingpoa.com.louiebluemartini.com"] [uri "/.env"] [unique_id "aSUii-kQBweeqPPnbl_MwQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:33:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:33:36.000355 2025] [security2:error] [pid 30775:tid 30775] [client 104.207.44.157:22597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mskimberleesspace.com"] [uri "/.env"] [unique_id "aSUVf80uDuDGUQoyL2MALAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 00:04:38 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.91

🇺🇸 147.185.132.30

🇩🇪 141.11.107.166

🇺🇸 137.184.228.138

🇰🇷 1.245.74.10

🇧🇷 187.72.128.177

🇷🇴 185.53.196.238

🇨🇳 120.231.227.199

🇿🇦 102.254.13.18

🇷🇺 80.78.245.233

🇺🇸 74.125.186.89

🇬🇧 35.203.210.157

🇹🇼 198.235.24.22

🇷🇺 195.239.47.189

🇫🇮 147.185.133.254

🇱🇹 81.30.98.142

🇧🇷 45.205.1.36

🇩🇪 213.209.159.158

🇧🇪 198.235.24.165

🇺🇸 162.216.149.241