JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.112

104.207.41.112 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.112

Whois 104.207.41.112

IP Abuse Reports for 104.207.41.112:

This IP address has been reported a total of 153 times from 21 distinct sources. 104.207.41.112 was first reported on June 6th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-06 07:43:31 (2 days ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-17 07:25:44 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-05-12 13:28:41 (3 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
Anonymous	2026-05-03 03:08:48 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 oralunal	2026-03-24 03:03:53 (2 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-03-09 04:29:39 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 relianoid.com	2026-03-02 12:39:17 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-02-11 17:07:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:07:27.023841 2026] [security2:error] [pid 8328:tid 8328] [client 104.207.41.112:25463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquascapes.net"] [uri "/.env.production"] [unique_id "aYy3T0NO4hyaGx6SMBcCjQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 16:06:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 11:06:22.868334 2026] [security2:error] [pid 5692:tid 5692] [client 104.207.41.112:23199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "apwstl.com"] [uri "/frontend/.env"] [unique_id "aYyo_k3SWyNiEr3NtZPS5gAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:28:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:28:42.269335 2026] [security2:error] [pid 24323:tid 24323] [client 104.207.41.112:9913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knowledgepreservationalliance.com"] [uri "/new/.git/config"] [unique_id "aYrCCqyNRiuQIdr1182niQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:22:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:22:36.114028 2026] [security2:error] [pid 20322:tid 20322] [client 104.207.41.112:24865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iamnotguilty.com"] [uri "/config/.env"] [unique_id "aYqkfPFYpZlKVcnmrtr4ngAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:20:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:20:42.129086 2026] [security2:error] [pid 16701:tid 16701] [client 104.207.41.112:44363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keeran.org"] [uri "/api/.git/config"] [unique_id "aYprypZdd3LjGZtJVfizbQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:07:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:06:51.736711 2026] [security2:error] [pid 6049:tid 6049] [client 104.207.41.112:11019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathyquan.com"] [uri "/test/.git/config"] [unique_id "aYpae_xAb09W7NPWpwtmCwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:30 (3 months ago)	Blocking for trying to access an exploit file: /api/.env	Hacking

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 217.217.255.181

🇺🇸 205.169.39.188

🇺🇸 172.178.16.179

🇩🇪 116.203.138.135

🇨🇳 111.26.115.124

🇧🇪 34.77.239.249

🇹🇷 5.11.221.119

🇧🇷 200.77.179.134

🇲🇽 187.131.249.195

🇳🇱 178.16.54.88

🇧🇷 177.11.196.79

🇸🇪 171.25.158.74

🇲🇾 115.134.8.173

🇺🇸 100.29.192.109

🇫🇷 91.196.152.187

🇷🇺 89.109.233.181

🇺🇸 68.82.141.145

🇰🇷 47.80.241.233

🇯🇵 8.209.233.167

🇸🇬 2a02:4780:3:1378:0:35a3:9a61:1