JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.44.75

104.207.44.75 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.44.75

Whois 104.207.44.75

IP Abuse Reports for 104.207.44.75:

This IP address has been reported a total of 134 times from 19 distinct sources. 104.207.44.75 was first reported on June 7th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-05-21 05:12:48 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇪🇸 librebit	2026-05-17 06:26:32 (2 weeks ago)	Brute force	Brute-Force
🇸🇪 Juha Jurvanen	2026-05-12 14:38:59 (3 weeks ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
🇺🇸 TPI-Abuse	2026-02-20 04:56:49 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 23:56:44.586477 2026] [security2:error] [pid 28629:tid 28629] [client 104.207.44.75:61731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cobbwebb.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfpjNI5eSZBMmYxISjmtQAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-29 03:08:44 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇹 VHosting	2025-12-23 18:55:29 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 04:44:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:44:33.976145 2025] [security2:error] [pid 4093:tid 4093] [client 104.207.44.75:10083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aridscapes.com"] [uri "/.env"] [unique_id "aSU0MVyNjqMhZv_A0ZPqGwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 04:30:57 (6 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 04:13:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:13:31.881596 2025] [security2:error] [pid 25013:tid 25013] [client 104.207.44.75:29613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hakkawok.com"] [uri "/.git/HEAD"] [unique_id "aSUs69vFS0-NhZM_BNZavgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:24:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:23:49.561202 2025] [security2:error] [pid 27166:tid 27166] [client 104.207.44.75:9425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.valuechains4poor.net"] [uri "/.svn/wc.db"] [unique_id "aSUFJQNzdgYU9CWDaq9ySQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:28:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.44.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:28:37.727944 2025] [security2:error] [pid 24310:tid 24310] [client 104.207.44.75:28793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gransla.com"] [uri "/.git/HEAD"] [unique_id "aST4NeMQcoi46J4l_Eok2QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 madeit	2025-11-04 17:41:21 (7 months ago)		Web App Attack
Anonymous	2025-10-17 16:16:40 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇫🇷 dynamix	2025-10-16 11:21:41 (7 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 bsoft.de	2025-10-16 06:17:19 (7 months ago)	104.207.44.75 - - [16/Oct/2025:08:17:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 ... show more 104.207.44.75 - - [16/Oct/2025:08:17:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (Linux; Android 6.0.1; SM-G532M Build/MMB29T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36" 104.207.44.75 - - [16/Oct/2025:08:17:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "5.0 (X11; Linux) AppleWebKit/537.21 (KHTML, like Gecko) Qt/4.8.5 Safari/537.21 Telsey" 104.207.44.75 - - [16/Oct/2025:08:17:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Mobile/15E148 Safari/604.1" show less	Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.243.228.110

🇨🇳 14.103.127.66

🇧🇷 187.40.215.162

🇺🇸 167.172.152.196

🇸🇬 159.223.36.55

🇺🇸 147.185.132.223

🇨🇦 144.217.74.127

🇲🇲 103.59.163.135

🇦🇺 58.7.105.207

🇸🇬 52.221.86.223

🇸🇬 47.130.61.219

🇺🇸 20.127.224.63

🇸🇬 18.136.246.89

🇺🇸 13.89.121.92

🇷🇴 2.57.121.112

🇮🇳 217.21.82.85

🇬🇧 198.244.242.70

🇵🇱 194.113.39.34

🇵🇱 194.113.39.6

🇧🇷 170.83.41.79