JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.207

104.207.44.207 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.207

Whois 104.207.44.207

IP Abuse Reports for 104.207.44.207:

This IP address has been reported a total of 139 times from 18 distinct sources. 104.207.44.207 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 vtchost.com	2026-04-07 19:50:54 (1 month ago)	web form spam ...	Web Spam
🇺🇸 TPI-Abuse	2026-02-20 10:58:36 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 05:58:30.088309 2026] [security2:error] [pid 7448:tid 7448] [client 104.207.44.207:14103] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|donnysimonton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "donnysimonton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZg-VuAJ7SbzjPVhnkz6OAAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 10:05:20 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 05:05:17.223271 2026] [security2:error] [pid 26415:tid 26415] [client 104.207.44.207:46741] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cobbwebb.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZgx3QmEK9EwKIF3mBxKIQAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-18 15:11:07 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-15 10:39:20 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-11 08:32:08 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-10 19:20:15 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 sockominfo	2025-12-03 23:23:55 (6 months ago)	[WAZUH] SUPPRESSED: IP 104.207.44.207 blocked - 8 times fired in 6 hour	Hacking Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-30 00:53:58 (6 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:55:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:55:37.240041 2025] [security2:error] [pid 21005:tid 21005] [client 104.207.44.207:54449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.flamberge.com"] [uri "/.git/HEAD"] [unique_id "aSbAiYiD7pYAgepaIgEEdAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ingroscart.it	2025-11-26 04:32:36 (6 months ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 104.207.44.207 (US/Unite ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 104.207.44.207 (US/United States/-) show less	Port Scan
🇺🇸 TPI-Abuse	2025-11-26 01:04:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:04:50.805912 2025] [security2:error] [pid 6804:tid 6804] [client 104.207.44.207:20129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.philadelphiasfirsttoastmasters.com"] [uri "/.env"] [unique_id "aSZSMgtRox0OhiMPApha0QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:30:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:30:34.952686 2025] [security2:error] [pid 16235:tid 16235] [client 104.207.44.207:9089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thestardance.com"] [uri "/.svn/wc.db"] [unique_id "aSZKKhQ3swx7viZNS7OXZQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:09:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:08:59.984584 2025] [security2:error] [pid 18684:tid 18684] [client 104.207.44.207:51571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nationalenq.com"] [uri "/.svn/wc.db"] [unique_id "aSU5663NvTfuE3xuloB8wgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:26:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:25:59.771869 2025] [security2:error] [pid 14820:tid 14820] [client 104.207.44.207:19197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ps-omega.com"] [uri "/.env"] [unique_id "aSQWl2qxPxDic8LUJhZ0IgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 141.11.1.134

🇬🇧 87.236.176.201

🇬🇧 87.236.176.41

🇬🇧 84.32.41.64

🇬🇧 35.203.211.161

🇹🇼 220.135.82.87

🇨🇳 182.123.243.227

🇫🇮 147.185.133.103

🇨🇳 124.193.81.23

🇨🇳 120.195.31.217

🇨🇳 115.57.58.248

🇻🇳 103.75.182.132

🇺🇸 74.207.253.22

🇬🇧 45.82.76.132

🇺🇸 45.43.57.6

🇩🇪 185.220.101.141

🇩🇿 41.111.178.165

🇩🇿 41.97.93.219

🇬🇧 35.203.210.193

🇲🇳 203.23.199.88