JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.181

104.207.44.181 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.181

Whois 104.207.44.181

IP Abuse Reports for 104.207.44.181:

This IP address has been reported a total of 131 times from 20 distinct sources. 104.207.44.181 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇳 ThreatBook.io	2026-01-14 01:10:44 (4 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/104.207.44.181 2 ... show more ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/104.207.44.181 2026-01-13 10:14:59 /.svn/wc.db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 12:00:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:00:45.063922 2026] [security2:error] [pid 296638:tid 296638] [client 104.207.44.181:15447] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "realestatemedia.co.uk"] [uri "/.env"] [unique_id "aWYz7YJ3fnsMsEeSCKOPEAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇴 directorioeducativo.com	2026-01-13 02:14:07 (4 months ago)	GET URL: "/.git/HEAD"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHT ... show more GET URL: "/.git/HEAD"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack
🇨🇭 backslash	2025-12-30 12:10:05 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇬🇧 Steve	2025-12-10 05:24:43 (5 months ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇦🇺 oncord	2025-12-09 00:02:52 (5 months ago)	Form spam	Web Spam
Anonymous	2025-12-02 18:57:03 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 06:37:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:37:26.477520 2025] [security2:error] [pid 10583:tid 10583] [client 104.207.44.181:22403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tonyvillasenor.com"] [uri "/.svn/wc.db"] [unique_id "aSVOptBfWjhvlyFhDt26KQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:47:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:47:10.724268 2025] [security2:error] [pid 2460:tid 2460] [client 104.207.44.181:43969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elimer.com.ve"] [uri "/.env"] [unique_id "aSVC3qi3DWjAhBdxTGRY6AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:48:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:48:40.793282 2025] [security2:error] [pid 32546:tid 32546] [client 104.207.44.181:27521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drpeppard.com"] [uri "/.env"] [unique_id "aSU1KKBoaOtnd4k9hdrv7QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:28:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:28:11.962678 2025] [security2:error] [pid 28826:tid 28873] [client 104.207.44.181:37093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cwpianolessons.com"] [uri "/.git/HEAD"] [unique_id "aSUUO8WWe4FWNi79sDU4xQAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-20 02:55:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 19 21:55:18.938656 2025] [security2:error] [pid 22432:tid 22432] [client 104.207.44.181:20681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brittb.com"] [uri "/bak.htaccess"] [unique_id "aR6DFni2yOKkubNl7YEroAAAAA0"], referer: https://brittb.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 20:18:53 (6 months ago)	(wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 104 ... show more (wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 104.207.44.181 (US/United States/-) show less	Brute-Force
Anonymous	2025-11-14 05:20:48 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.86

🇨🇳 180.184.84.77

🇹🇬 156.38.73.89

🇷🇴 92.118.39.223

🇷🇺 88.205.172.170

🇺🇸 74.179.68.15

🇺🇸 73.30.91.185

🇺🇸 64.72.74.162

🇲🇦 45.216.141.103

🇧🇷 45.205.1.247

🇳🇱 45.148.145.60

🇳🇱 45.148.10.152

🇮🇳 20.204.24.244

🇨🇳 183.61.109.222

🇺🇸 172.236.111.128

🇩🇪 162.19.243.145

🇨🇳 121.29.149.160

🇨🇳 117.69.235.5

🇳🇱 88.151.32.9

🇳🇱 81.19.216.101