JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.250

104.207.44.250 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.250

Whois 104.207.44.250

IP Abuse Reports for 104.207.44.250:

This IP address has been reported a total of 146 times from 18 distinct sources. 104.207.44.250 was first reported on June 6th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-02-18 22:11:29 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇮🇹 VHosting	2025-12-23 14:35:31 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-10 12:52:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 07:52:26.503466 2025] [security2:error] [pid 548:tid 548] [client 104.207.44.250:13303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cassialifesci.com"] [uri "/.env"] [unique_id "aTltCp79hhuUEj3yttXQSgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 10:06:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 05:06:06.409518 2025] [security2:error] [pid 23870:tid 23870] [client 104.207.44.250:56937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jr2g.com"] [uri "/.env"] [unique_id "aTf0jj1fQY8pUEEmX3-OFgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-08 00:08:36 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
Anonymous	2025-12-07 13:19:26 (6 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 03:36:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 22:36:28.303649 2025] [security2:error] [pid 26301:tid 26301] [client 104.207.44.250:41165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "russiacoin.info"] [uri "/.env"] [unique_id "aTOkvPB3zimJ-SSx3iaaSgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 15:18:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:18:44.695041 2025] [security2:error] [pid 9864:tid 9864] [client 104.207.44.250:40335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partybuseslansing.com"] [uri "/.env"] [unique_id "aTL31FRIiorM0rQvaaN28wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:44:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:44:33.647362 2025] [security2:error] [pid 25185:tid 25185] [client 104.207.44.250:51865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springmeadowventures.com"] [uri "/.env"] [unique_id "aTKNYVK_892PUDvCl7xIlQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:46:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:46:31.266007 2025] [security2:error] [pid 1877:tid 1877] [client 104.207.44.250:43897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeranny.com"] [uri "/.git/HEAD"] [unique_id "aTJVl7wA76b_CIrTJbKFvAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-29 12:46:20 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-15 20:56:56 (8 months ago)	GlobalProtect login attempts with user dstut.	VPN IP Brute-Force
Anonymous	2025-10-03 19:32:24 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.03 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.03 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-02 15:49:19 (8 months ago)	Attempted brute force login to web vpn 27 time(s); last attempt for 2025.10.02 is noted in report ti ... show more Attempted brute force login to web vpn 27 time(s); last attempt for 2025.10.02 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-30 14:01:03 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.30 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 92.205.18.204

🇳🇱 91.92.40.5

🇺🇸 66.132.172.241

🇺🇸 44.255.31.74

🇺🇸 44.118.50.241

🇸🇬 194.5.82.130

🇳🇱 185.242.226.97

🇨🇳 106.227.33.165

🇰🇼 78.89.154.59

🇧🇷 45.205.1.68

🇺🇸 44.120.101.53

🇬🇧 2a06:4880:2000::2a

🇺🇸 216.180.246.147

🇺🇸 205.210.31.19

🇺🇸 44.60.159.11

🇩🇪 167.94.145.25

🇺🇸 44.98.63.158

🇬🇧 35.203.210.158

🇺🇸 205.210.31.89

🇧🇷 201.16.238.49