JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.217

104.207.44.217 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.217

Whois 104.207.44.217

IP Abuse Reports for 104.207.44.217:

This IP address has been reported a total of 148 times from 17 distinct sources. 104.207.44.217 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-02-18 22:16:48 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇦🇺 MAGIC	2025-12-26 01:13:38 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 19:46:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:46:50.615748 2025] [security2:error] [pid 3420:tid 3447] [client 104.207.44.217:21557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnetbay.com"] [uri "/.svn/wc.db"] [unique_id "aS9CKtpYnVkZuI2SUNMJygAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-02 13:22:38 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-02 08:19:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:19:47.394497 2025] [security2:error] [pid 16411:tid 16411] [client 104.207.44.217:24147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dunningtons.com"] [uri "/.svn/wc.db"] [unique_id "aS6hI5JWa9jgZ52mCjv3gAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:58:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:58:43.699145 2025] [security2:error] [pid 32177:tid 32177] [client 104.207.44.217:38241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "santasfavorites.com"] [uri "/.git/HEAD"] [unique_id "aS6cM7uj2oXy4OLItH_CJgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:04:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:04:06.457811 2025] [security2:error] [pid 22393:tid 22393] [client 104.207.44.217:49991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stereoskop.com"] [uri "/.git/HEAD"] [unique_id "aS6BVr1xBvkq7xhS-3W-1AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:34:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:34:48.391366 2025] [security2:error] [pid 2995:tid 2995] [client 104.207.44.217:20745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jkperis.com"] [uri "/.svn/wc.db"] [unique_id "aS5saPEDiEgbfPjRaevRDgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:30:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:53.251416 2025] [security2:error] [pid 22618:tid 22618] [client 104.207.44.217:59187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.osbyink.com"] [uri "/.env"] [unique_id "aSP7YZ9FiBOKFYulOQmL4QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-19 04:23:44 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.19 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-17 20:04:57 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 15:04:52.732499 2025] [security2:error] [pid 26434:tid 26462] [client 104.207.44.217:23031] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.onhemp.omegaoak.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.onhemp.omegaoak.com"] [uri "/s3cmd.ini"] [unique_id "aRt_5C5INIYazkA5tT8dygAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-16 13:29:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 08:28:57.788192 2025] [security2:error] [pid 22609:tid 22609] [client 104.207.44.217:22897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.wevfc.org"] [uri "/.env"] [unique_id "aRnRmZVKuE2oroIIY2_hIAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 16:54:44 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 14:25:10 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.44.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 09:25:06.956337 2025] [security2:error] [pid 18785:tid 18785] [client 104.207.44.217:34199] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.limosnapa.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.limosnapa.com"] [uri "/s3cmd.ini"] [unique_id "aRc7wtgDkB7JShso1QxG6gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-11 03:27:43 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇴 181.115.172.229

🇧🇷 168.194.106.103

🇨🇳 112.20.140.51

🇫🇷 83.171.226.124

🇨🇦 68.69.114.91

🇨🇳 122.224.205.42

🇹🇭 101.109.144.173

🇬🇧 87.236.176.44

🇸🇬 43.134.42.6

🇬🇧 193.32.209.240

🇮🇳 182.95.231.62

🇺🇸 151.240.101.217

🇺🇸 147.185.132.203

🇩🇪 91.98.151.17

🇺🇸 52.167.144.140

🇹🇼 198.235.24.111

🇮🇳 182.95.178.174

🇵🇰 175.107.3.106

🇳🇬 165.154.177.119

🇺🇸 147.185.132.91