JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.166

104.207.44.166 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.166

Whois 104.207.44.166

IP Abuse Reports for 104.207.44.166:

This IP address has been reported a total of 155 times from 27 distinct sources. 104.207.44.166 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-31 10:32:58 (2 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; s ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; samples=site_wide=true \| distinct_ips=14 \| /wp-login.php show less	Hacking Web App Attack
Anonymous	2026-05-28 06:22:28 (3 weeks ago)	2026-05-28T08:22:27.818163+02:00 aion wordpress[289532]: Blocked authentication attempt for administ ... show more 2026-05-28T08:22:27.818163+02:00 aion wordpress[289532]: Blocked authentication attempt for administrator from 104.207.44.166 ... show less	Hacking Brute-Force
Anonymous	2026-05-27 14:31:45 (3 weeks ago)	[ns3.backorder.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=sit ... show more [ns3.backorder.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=14 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-05-25 19:33:07 (3 weeks ago)	(y4) Failed scan -byebye- from 104.207.44.166 (US/United States/-): (CF_ENABLE)	Hacking
🇵🇱 sefinek.net	2026-03-26 14:05:16 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇹 Progetto1	2026-02-06 05:25:05 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-02-03 13:21:58 (4 months ago)	wordpress-trap	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:32:43 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇬🇧 Swiptly	2026-01-07 19:41:21 (5 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇩🇪 Teufel100	2025-12-30 06:10:54 (5 months ago)	ModSecurity rejected a query'	Hacking Brute-Force Web App Attack
Anonymous	2025-11-25 20:10:03 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:28:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:27:55.890414 2025] [security2:error] [pid 24990:tid 24990] [client 104.207.44.166:42817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ferrarapanfitness.com"] [uri "/.svn/wc.db"] [unique_id "aSU-WydkmcLyo0yBOwpovAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:54:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:54:51.183015 2025] [security2:error] [pid 2345:tid 2345] [client 104.207.44.166:32263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kmnr.net"] [uri "/.env"] [unique_id "aSUoi8ok-s6ufNLuCbmSZgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:41:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:41:26.071022 2025] [security2:error] [pid 9574:tid 9574] [client 104.207.44.166:26961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.grainavi.com"] [uri "/.svn/wc.db"] [unique_id "aSUXVqCw1wFfV_bmKvWqygAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:06:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:06:27.073249 2025] [security2:error] [pid 26673:tid 26673] [client 104.207.44.166:19555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.fabandco.com"] [uri "/.git/HEAD"] [unique_id "aSUPI1rh6bPtsvpB4fpmLwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2409:40f2:10:bf87:fd96:f3ac:8888:8819

🇸🇳 213.154.80.51

🇬🇹 190.61.100.197

🇰🇷 182.31.36.202

🇺🇸 147.185.132.114

🇺🇸 147.185.132.112

🇻🇳 103.77.173.161

🇺🇸 50.6.228.32

🇳🇱 46.151.178.13

🇱🇹 45.227.254.170

🇺🇸 43.153.59.240

🇺🇸 40.124.185.206

🇺🇸 20.169.81.226

🇨🇦 15.235.27.120

🇺🇸 216.218.206.101

🇳🇱 172.211.56.214

🇺🇸 162.216.149.66

🇺🇸 139.144.239.72

🇰🇷 121.131.220.136

🇺🇸 104.252.175.172