JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.109

104.207.41.109 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.109

Whois 104.207.41.109

IP Abuse Reports for 104.207.41.109:

This IP address has been reported a total of 147 times from 25 distinct sources. 104.207.41.109 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 thetomtaylor.co.uk	2026-06-04 19:08:02 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-04 19:07:02 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇱 jjnxpct	2026-03-28 04:48:53 (2 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /nl/component/content/article/thomas-van-der-sommen (Rule ID: 942540) - SQL Authentication bypass (split query) [Suspicious: '; found within ARGS:Itemid: ';] show less	Web App Attack SQL Injection Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-19 05:18:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:18:56.347876 2026] [security2:error] [pid 21988:tid 21988] [client 104.207.41.109:57683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kreweofblackbeardsrevenge.com"] [uri "/.env.production"] [unique_id "aZadQI0_m7CrXnCMQ1cZQQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:56:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:56:00.692828 2026] [security2:error] [pid 21024:tid 21024] [client 104.207.41.109:37345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnairdwoodworking.com"] [uri "/admin/.env"] [unique_id "aZaJ0Ed4vtyrvrPIPoHCvgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:12:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:12:37.172135 2026] [security2:error] [pid 16125:tid 16125] [client 104.207.41.109:28279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathyquan.com"] [uri "/dev/.git/config"] [unique_id "aZZxlcr_D6cypJYP6-B6BQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:28:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:27:53.837076 2026] [security2:error] [pid 17725:tid 17725] [client 104.207.41.109:52575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kanata.ws"] [uri "/.env.save"] [unique_id "aZZnGQdVudA_eVN6sb00TgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:37:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:37:02.093895 2026] [security2:error] [pid 5806:tid 5806] [client 104.207.41.109:51543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vrevgaming.net"] [uri "/backend/.env"] [unique_id "aZZbLhQhMlBxBqfclBnU-gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:30:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:30:41.219521 2026] [security2:error] [pid 2170:tid 2170] [client 104.207.41.109:48283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thevillageartcenter.com"] [uri "/admin/.git/config"] [unique_id "aZYFUX5ynhaGjzwwvkDKKwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:41:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:41:35.952181 2026] [security2:error] [pid 25447:tid 25447] [client 104.207.41.109:10567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woahmanatee.com"] [uri "/.env.staging"] [unique_id "aZXBj9DHZXnZAwASPee5NwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:55:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:55:26.321185 2026] [security2:error] [pid 7720:tid 7720] [client 104.207.41.109:48141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "warpspeed7.com"] [uri "/api/.env"] [unique_id "aZWorgb1itXsKb-TscsaBwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-31 00:58:49 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇧🇷 hostseries	2025-12-24 04:55:40 (5 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2025-12-13 06:58:53 (5 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 109.105.209.12

🇺🇸 18.218.146.4

🇺🇸 143.14.6.17

🇨🇦 142.167.64.76

🇮🇳 128.185.254.162

🇳🇱 74.125.114.214

🇳🇦 41.182.178.144

🇮🇳 36.255.66.70

🇩🇪 2.26.61.203

🇨🇳 175.9.228.181

🇭🇰 165.154.42.211

🇺🇸 143.198.171.91

🇩🇪 104.207.52.98

🇮🇳 103.91.246.73

🇨🇦 85.217.149.18

🇺🇸 66.132.172.39

🇯🇵 43.207.51.33

🇬🇧 35.203.210.188

🇮🇳 13.233.174.244

🇩🇪 213.209.159.236