JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.18

104.207.44.18 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.18

Whois 104.207.44.18

IP Abuse Reports for 104.207.44.18:

This IP address has been reported a total of 88 times from 17 distinct sources. 104.207.44.18 was first reported on June 7th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 06:29:26 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
Anonymous	2026-03-15 20:40:00 (2 months ago)	VILICO WEBFORM SPAM 104.207.44.18 (104.207.44.18)	Web Spam
🇧🇷 hostseries	2025-12-24 07:08:47 (5 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇬🇧 openstrike.co.uk	2025-12-22 08:49:21 (5 months ago)	9 packets to port 2083	Port Scan
🇫🇷 ISPLtd	2025-12-07 23:34:08 (5 months ago)	Dec 7 19:34:05 104.207.44.18 TCP SPT=15403 DPT=2083 SYN Dec 7 19:34:06 104.207.44.18 TCP SPT=15403 ... show more Dec 7 19:34:05 104.207.44.18 TCP SPT=15403 DPT=2083 SYN Dec 7 19:34:06 104.207.44.18 TCP SPT=15403 DPT=2083 SYN Dec 7 19:34:07 104.207.44.18 TCP SPT=15403 DPT=2083 ... show less	Port Scan
Anonymous	2025-11-26 12:43:00 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 03:16:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:16:43.525236 2025] [security2:error] [pid 25558:tid 25558] [client 104.207.44.18:34803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gavinnine.com.evannine.com"] [uri "/.env"] [unique_id "aSZxGxpby11sTfiBEihcdgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:33:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:33:29.278586 2025] [security2:error] [pid 14909:tid 14909] [client 104.207.44.18:42147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.evelowerealtor.com"] [uri "/.git/HEAD"] [unique_id "aSZK2Zk_XzV5wN8VJI6BrAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:58:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:58:18.883227 2025] [security2:error] [pid 5089:tid 5089] [client 104.207.44.18:10433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.escribaniasmith.com.ar"] [uri "/.env"] [unique_id "aSQsOu64mtENfxsQsCQ2_gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:11:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:10:44.844384 2025] [security2:error] [pid 2597:tid 2597] [client 104.207.44.18:12691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.champions-in-arms.com"] [uri "/.env"] [unique_id "aSQTBFgQPnBrSERpPYHSXgAAADE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2025-11-24 06:48:26 (6 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2025-11-24 04:02:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:02:25.743064 2025] [security2:error] [pid 12209:tid 12209] [client 104.207.44.18:58295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.originalmobiliario.com"] [uri "/.env"] [unique_id "aSPY0fzoUjxLOb5BdoMJCQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 06:47:35 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-18 00:45:40 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 03:06:47 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 213.142.156.145

🇮🇩 202.51.214.98

🇳🇱 193.176.31.219

🇸🇬 159.65.0.102

🇩🇪 130.12.181.105

🇧🇩 118.179.102.248

🇷🇴 80.94.92.184

🇺🇸 66.132.172.193

🇨🇳 58.211.39.86

🇰🇿 46.42.239.93

🇳🇱 45.148.10.147

🇺🇸 216.218.206.77

🇨🇳 120.48.75.127

🇳🇱 45.148.10.183

🇬🇧 217.146.80.123

🇬🇧 193.176.29.16

🇭🇰 152.32.226.205

🇰🇷 106.246.224.218

🇮🇳 103.168.240.122

🇮🇳 103.147.248.44