JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.115

104.207.41.115 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.115

Whois 104.207.41.115

IP Abuse Reports for 104.207.41.115:

This IP address has been reported a total of 136 times from 16 distinct sources. 104.207.41.115 was first reported on June 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-02-10 06:42:52 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.41.115 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.41.115 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:38:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:38:00.270077 2026] [security2:error] [pid 15678:tid 15678] [client 104.207.41.115:39701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilil.net"] [uri "/.env"] [unique_id "aYrSSFdNY1MmqK4O649fCgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:06:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:06:26.172728 2026] [security2:error] [pid 6980:tid 6980] [client 104.207.41.115:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail-pmg.com"] [uri "/.env.staging"] [unique_id "aYrK4sJbArscsTmShjySRwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Axel	2026-02-10 06:06:24 (3 months ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.product ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.production show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:31:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:31:10.514988 2026] [security2:error] [pid 1276:tid 1276] [client 104.207.41.115:36515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kleens-uk.com"] [uri "/new/.git/config"] [unique_id "aYq0joCMVslZo800o_D-oQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:13:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:13:45.432592 2026] [security2:error] [pid 2762:tid 2762] [client 104.207.41.115:39901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maeghanan.com"] [uri "/.env"] [unique_id "aYqiacHeJyKljojQOQLvywAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:48:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:48:23.693401 2026] [security2:error] [pid 28147:tid 28147] [client 104.207.41.115:26955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keyston.net"] [uri "/frontend/.env"] [unique_id "aYqAVwn5gmNX7LWvEQ6SmQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:30:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:30:06.058362 2026] [security2:error] [pid 15557:tid 15557] [client 104.207.41.115:25957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ketsuri.com"] [uri "/.env.local"] [unique_id "aYp8DooD8lCu_YipVz_ZjwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-02-09 21:29:20 (3 months ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:46:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:46:03.161934 2026] [security2:error] [pid 23257:tid 23266] [client 104.207.41.115:33157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honorac.com"] [uri "/backend/.env"] [unique_id "aYpHi3ufXfAJQmS5a--_7QAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:59:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:59:06.809907 2026] [security2:error] [pid 10556:tid 10556] [client 104.207.41.115:59293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homenetserv.com"] [uri "/app/.env"] [unique_id "aYo8ih99TAnTxrsZtf_NRwAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 F242	2026-01-30 05:12:39 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇪🇸 loadsoporte	2026-01-06 23:42:33 (5 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 05:07:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:07:46.020526 2025] [security2:error] [pid 30070:tid 30070] [client 104.207.41.115:34155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texaschristmascards.com"] [uri "/.env"] [unique_id "aVIMohUmCy_88lDBVAykmwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:00:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:00:17.778676 2025] [security2:error] [pid 30603:tid 30603] [client 104.207.41.115:35737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "endemic.com"] [uri "/.git/HEAD"] [unique_id "aVH80Y317mjh9oBc8ZeroAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.225

🇸🇬 143.198.201.179

🇺🇸 34.174.250.161

🇺🇸 23.94.133.71

🇺🇸 18.217.84.200

🇸🇬 8.222.229.192

🇺🇸 209.126.107.84

🇨🇦 198.50.202.93

🇵🇰 192.140.149.1

🇬🇧 185.216.145.172

🇧🇷 168.196.206.14

🇲🇲 116.206.193.61

🇰🇷 116.125.120.27

🇨🇭 104.244.74.84

🇺🇸 100.29.192.7

🇨🇦 85.217.149.26

🇫🇷 84.17.43.213

🇰🇷 34.64.105.110

🇺🇸 20.46.251.132

🇮🇪 20.13.164.162