JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.39

104.207.44.39 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.39

Whois 104.207.44.39

IP Abuse Reports for 104.207.44.39:

This IP address has been reported a total of 157 times from 27 distinct sources. 104.207.44.39 was first reported on June 7th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-23 14:18:41 (2 months ago)	Brute force	Brute-Force
🇺🇸 mnsf	2026-02-16 01:05:35 (3 months ago)	Scanning/Probing (27)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:27:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:27:25.069393 2026] [security2:error] [pid 16827:tid 16827] [client 104.207.44.39:59519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title37.com"] [uri "/.env.local"] [unique_id "aZG7rQgsTz_-lV9LjdmhMAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:33:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:33:05.924333 2026] [security2:error] [pid 31495:tid 31495] [client 104.207.44.39:38047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tausiet.com"] [uri "/v2/.git/config"] [unique_id "aZGu8cytPMmuTp-wzJHm2QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 05:55:21 (3 months ago)	http-sensitive-files - IP: 104.207.44.39 - time="2026-02-15T06:55:21+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.44.39 - time="2026-02-15T06:55:21+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.44.39 (US/200373) : 4h ban on Ip 104.207.44.39" module=db show less	Web App Attack
🇳🇱 jjnxpct	2026-02-15 04:48:41 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.staging (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.staging] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:52:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:52:37.772608 2026] [security2:error] [pid 1469:tid 1469] [client 104.207.44.39:63863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stewhist.org"] [uri "/test/.git/config"] [unique_id "aZFDBT-QDngTZfNidcOZHAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:17:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:17:26.523633 2026] [security2:error] [pid 3355:tid 3355] [client 104.207.44.39:64453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starfateofficial.com"] [uri "/config/.env"] [unique_id "aZE6xqg05sB24wGNCHupjgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-15 02:47:05 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.44.39 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.44.39 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 myagent.site	2026-02-15 01:52:22 (3 months ago)	Blocking for trying to access an exploit file: /.aws/credentials	Hacking
🇫🇷 dynamix	2026-02-15 00:56:37 (3 months ago)	Multiple WAF Violations	Web App Attack
🇫🇮 oh.mg	2026-02-15 00:52:49 (3 months ago)	[Sun Feb 15 01:52:47.602610 2026] [security2:error] [pid 601510:tid 601529] [client 104.207.44.39:20 ... show more [Sun Feb 15 01:52:47.602610 2026] [security2:error] [pid 601510:tid 601529] [client 104.207.44.39:20049] [client 104.207.44.39] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mrman.co.uk"] [uri "/app/.env"] [unique_id "aZEY34pFoyNi8-JdO-0V9QAAAE4"] [Sun Feb 15 01:52:47.807088 2026] [security2:error] [pid 601510:tid 601517] [client 104.207.44.39:20049] [client 104.207.44.39] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "an ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:25:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:25:27.423864 2026] [security2:error] [pid 1028454:tid 1028454] [client 104.207.44.39:59351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lovestuff.net"] [uri "/api/.env"] [unique_id "aZESd81Nj9Vwz3j3SKF32wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 00:23:42 (3 months ago)	(modsecurity) srv103 ModSecurity 104.207.44.39 (US/United States/-): 5 in the last 3600 secs; Ports: ... show more (modsecurity) srv103 ModSecurity 104.207.44.39 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 mnsf	2026-02-15 00:05:58 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.230

🇲🇽 206.135.24.10

🇳🇱 176.65.139.41

🇩🇪 167.94.146.47

🇭🇰 154.92.16.141

🇵🇰 154.57.221.13

🇫🇮 80.223.198.246

🇹🇷 78.187.9.111

🇨🇳 61.191.145.123

🇧🇩 45.120.115.150

🇪🇬 41.37.152.131

🇮🇪 3.248.232.200

🇺🇸 2604:a880:400:d1:0:4:8c08:d001

🇵🇱 194.180.48.148

🇹🇷 185.223.77.200

🇧🇷 179.48.4.14

🇨🇳 117.81.212.152

🇨🇳 117.15.91.164

🇮🇹 91.80.168.29

🇺🇸 35.221.32.7