JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.117

104.207.41.117 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.117

Whois 104.207.41.117

IP Abuse Reports for 104.207.41.117:

This IP address has been reported a total of 142 times from 15 distinct sources. 104.207.41.117 was first reported on June 6th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 as211431.net	2026-06-02 12:56:30 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /index.php UA: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-04-24 23:21:38 (1 month ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-04-03 22:53:15 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-07 17:39:56 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 windowsforum	2026-02-14 00:28:45 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, ... show more Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, username=AthenaMaci show less	Web Spam Bad Web Bot
Anonymous	2026-01-29 07:30:20 (4 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-11 18:31:36 (4 months ago)	Forum/form spam	Web Spam
🇪🇸 10dencehispahard SL	2025-12-29 09:18:09 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇨🇭 backslash	2025-12-25 01:05:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 10:30:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:30:40.345113 2025] [security2:error] [pid 6089:tid 6089] [client 104.207.41.117:57943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.patrickconklin.com"] [uri "/.svn/wc.db"] [unique_id "aSbW0OjAjN2QDCTdDEBkcAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:05:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:05:37.123765 2025] [security2:error] [pid 28245:tid 28245] [client 104.207.41.117:31601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.awani-partners.com"] [uri "/.svn/wc.db"] [unique_id "aSamwRkkDQ6o0lupOHGSCgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 04:03:27 (6 months ago)	Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.26 is noted in report ti ... show more Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.26 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 02:50:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:49:59.567475 2025] [security2:error] [pid 15319:tid 15319] [client 104.207.41.117:38595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.lisalehmann.com"] [uri "/.svn/wc.db"] [unique_id "aSZq1zkq27gjWcbIBqmy2gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:06:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:06:40.242310 2025] [security2:error] [pid 9766:tid 9766] [client 104.207.41.117:50375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nhg.banis-associates.com"] [uri "/.git/HEAD"] [unique_id "aSZgsIyhrKi6HAcpjEdbNwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 75.4.193.218

🇯🇵 8.216.16.144

🇫🇷 2001:861:c64:d40:58ec:fa6:517c:1d7f

🇺🇸 209.250.4.144

🇸🇪 193.189.100.196

🇮🇶 185.166.25.150

🇨🇳 120.209.186.110

🇻🇳 113.161.39.122

🇨🇳 106.117.109.139

🇮🇳 103.91.246.73

🇵🇰 72.255.33.190

🇰🇷 49.247.37.22

🇳🇱 45.148.10.141

🇺🇸 15.204.95.90

🇩🇪 203.188.189.46

🇮🇳 119.18.52.5

🇺🇸 107.21.47.135

🇷🇴 92.118.39.236

🇬🇧 35.203.211.231

🇨🇳 210.16.168.11