JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.113

104.207.41.113 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 35%: ?

35%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.113

Whois 104.207.41.113

IP Abuse Reports for 104.207.41.113:

This IP address has been reported a total of 174 times from 26 distinct sources. 104.207.41.113 was first reported on June 13th 2024, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-07 01:36:17 (18 hours ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 masterguru	2026-06-04 20:35:24 (2 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.41.113 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.41.113 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 tilellit.pro	2026-05-30 03:45:47 (1 week ago)	Fail2Ban banned 104.207.41.113 for security violations in jail wp-armour. Log: 2026/05/30 03:45:46 [ ... show more Fail2Ban banned 104.207.41.113 for security violations in jail wp-armour. Log: 2026/05/30 03:45:46 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.41.113 \| Target: wplogin" , client: 104.207.41.113, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-05-28 06:58:18 (1 week ago)	Web attack blocked by Wordfence on mergel.nu (1 hit). Reported by CRMON.	Web App Attack
Anonymous	2026-05-26 08:48:10 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log ... show more [server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log; samples=site_wide=true \| distinct_ips=64 \| /wp-login.php show less	Hacking Web App Attack
Anonymous	2026-05-04 18:42:05 (1 month ago)	Forum/form spam	Web Spam
Anonymous	2026-03-14 21:59:50 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 windowsforum	2026-02-19 17:46:08 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, ... show more Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, username=DemetraLai show less	Web Spam Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-19 05:48:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:48:22.011605 2026] [security2:error] [pid 18036:tid 18036] [client 104.207.41.113:28735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kunzteam.com"] [uri "/.env.staging"] [unique_id "aZakJivY9rcySju7juvooAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 05:27:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:26:46.404739 2026] [security2:error] [pid 15000:tid 15000] [client 104.207.41.113:61601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krukgpt.com"] [uri "/frontend/.env"] [unique_id "aZafFkgS0EUYxE-ZbuuYdAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-19 05:05:33 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 04:55:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:55:36.475902 2026] [security2:error] [pid 9765:tid 9765] [client 104.207.41.113:24893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konstantiasofokleous.com"] [uri "/site/.git/config"] [unique_id "aZaXyEp8exyGNTmDAajXsQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 04:00:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:00:18.384848 2026] [security2:error] [pid 24292:tid 24292] [client 104.207.41.113:44239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandplumbing.ca"] [uri "/app/.git/config"] [unique_id "aZaK0sEVjZ6HOJDHKLp9BAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:40:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:40:36.183200 2026] [security2:error] [pid 1879931:tid 1879945] [client 104.207.41.113:51993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killerrockandroll.com"] [uri "/config/.env"] [unique_id "aZaGNEBDmV8qTJf4GlpB5wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-02-19 00:51:46 (3 months ago)	Login credentials theft attempt	Hacking

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 178.210.226.186

🇺🇸 3.19.141.173

🇯🇴 212.34.13.188

🇺🇸 205.210.31.46

🇺🇸 185.8.107.58

🇺🇸 172.98.33.121

🇨🇦 167.99.184.239

🇨🇦 144.217.76.59

🇳🇱 142.93.137.232

🇺🇸 109.105.210.67

🇳🇬 102.212.40.244

🇵🇱 83.28.216.181

🇷🇴 80.94.92.167

🇲🇾 47.250.43.129

🇺🇦 37.221.128.240

🇮🇳 2a02:4780:11:1778:0:dfd:f0ab:1

🇨🇱 190.160.155.190

🇺🇸 185.8.107.219

🇮🇩 139.255.254.163

🇨🇳 124.223.19.47