JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.25

104.207.44.25 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.25

Whois 104.207.44.25

IP Abuse Reports for 104.207.44.25:

This IP address has been reported a total of 80 times from 13 distinct sources. 104.207.44.25 was first reported on June 3rd 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-06 11:29:03 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.44.25 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.44.25 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-03-29 13:41:19 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.44.25 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.44.25 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:15 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 09:32:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:31:55.316625 2025] [security2:error] [pid 32246:tid 32246] [client 104.207.44.25:49143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lozzy.net"] [uri "/.svn/wc.db"] [unique_id "aSQmC86lQrFeCn188wJTXwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:34:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:34:53.589413 2025] [security2:error] [pid 12006:tid 12080] [client 104.207.44.25:53955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.theaquifer.org"] [uri "/.svn/wc.db"] [unique_id "aSQKnUDKyspBjqfQ2lVE5QAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-16 05:35:25 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 techboy117	2025-11-14 00:31:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
Anonymous	2025-11-13 23:34:38 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-11 18:29:40 (7 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.11 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-08 00:52:13 (7 months ago)	Attempted brute force login to web vpn 48 time(s); last attempt for 2025.11.08 is noted in report ti ... show more Attempted brute force login to web vpn 48 time(s); last attempt for 2025.11.08 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 cloudmax	2025-10-27 04:11:41 (7 months ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
Anonymous	2025-10-27 03:31:43 (7 months ago)	...	Brute-Force SSH
🇨🇦 wil.com	2025-10-15 06:08:05 (7 months ago)	GlobalProtect login attempts with user ttracking.	VPN IP Brute-Force
Anonymous	2025-10-05 03:05:43 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-30 04:03:35 (8 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.09.30 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.09.30 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.186.68

🇬🇧 193.163.125.211

🇺🇸 172.191.239.155

🇭🇷 141.136.137.24

🇮🇳 135.235.138.43

🇫🇷 91.231.89.255

🇧🇬 91.92.88.195

🇫🇷 85.217.140.37

🇨🇭 85.2.29.146

🇬🇪 78.40.106.6

🇺🇸 20.169.105.57

🇨🇳 14.103.123.75

🇬🇧 5.226.140.61

🇮🇳 223.228.180.97

🇺🇸 205.210.31.95

🇬🇧 194.50.235.144

🇮🇱 192.116.46.19

🇳🇱 185.242.226.8

🇫🇷 176.137.193.206

🇺🇸 172.239.51.96