JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.244

104.207.44.244 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.244

Whois 104.207.44.244

IP Abuse Reports for 104.207.44.244:

This IP address has been reported a total of 138 times from 21 distinct sources. 104.207.44.244 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-29 07:45:25 (2 months ago)	Brute force	Brute-Force
🇫🇷 Jean Valjean	2026-01-04 17:52:01 (5 months ago)	Fail2ban Caboom : xmlrpc.php Abuse	SQL Injection Web App Attack
🇫🇷 mrcrassi	2025-12-23 06:23:41 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-22 14:31:07 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇷 mrcrassi	2025-12-11 20:25:12 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 05:59:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:59:09.713685 2025] [security2:error] [pid 21408:tid 21408] [client 104.207.44.244:35101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tedharris.com"] [uri "/.env"] [unique_id "aSaXLaE9fsbCKhnZTVhtJAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:27:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:26:58.354598 2025] [security2:error] [pid 21165:tid 21165] [client 104.207.44.244:17843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.weddingmonogramnapkins.com"] [uri "/.svn/wc.db"] [unique_id "aSaPouetFQkJlAQhAGW2QwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:21:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:21:21.006596 2025] [security2:error] [pid 8045:tid 8045] [client 104.207.44.244:29879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.brewerfs.com"] [uri "/.env"] [unique_id "aSZkIeETMquWDZumX47nXAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:42:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:41:59.865232 2025] [security2:error] [pid 24123:tid 24123] [client 104.207.44.244:11357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.appliedcam.com"] [uri "/.svn/wc.db"] [unique_id "aSZM1-fY4svrz7K424W2FwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:13:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:13:37.882054 2025] [security2:error] [pid 4133561:tid 4133566] [client 104.207.44.244:22871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tributetoalice.com"] [uri "/.git/HEAD"] [unique_id "aSP3kc6lE8qghk7QOEVj_AAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:33:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:50.953590 2025] [security2:error] [pid 20829:tid 20829] [client 104.207.44.244:60025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.darrinlauritzen.com"] [uri "/.svn/wc.db"] [unique_id "aSPf8plHctTfF5RD6PYp_AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 13:26:17 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇷 ✨	2025-11-03 16:48:01 (7 months ago)	Domain : todoparatuboda.net Rule : config 2025-11-03 16:46:12 152.53.151.170 GET /.aws/credentials - ... show more Domain : todoparatuboda.net Rule : config 2025-11-03 16:46:12 152.53.151.170 GET /.aws/credentials - 80 - 172.71.190.207 HTTP/1.1 Mozilla/5.0 (Linux; Android 6.0; Nexus 5X Build/MDB08L) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36 - todoparatuboda.net 404 0 0 10685 482 186 - 104.207.44.244 show less	Hacking SQL Injection
Anonymous	2025-10-18 11:31:35 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
🇧🇷 hostseries	2025-10-16 10:05:53 (7 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.252

🇸🇬 193.37.32.95

🇺🇸 172.217.107.152

🇧🇩 119.40.89.57

🇺🇸 74.82.47.4

🇸🇬 47.84.132.180

🇬🇧 2a06:4880:2000::29

🇸🇪 85.203.44.147

🇨🇴 69.6.234.27

🇩🇪 176.65.132.129

🇨🇳 171.83.81.122

🇺🇸 167.88.165.96

🇨🇳 118.145.131.27

🇨🇳 112.46.214.57

🇺🇸 64.62.197.120

🇮🇳 49.37.35.147

🇱🇹 45.227.254.170

🇹🇿 41.93.28.23

🇻🇳 2001:ee0:4f8d:1e50:c9d0:260c:34bb:77f2

🇺🇸 69.73.187.130