JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.134

104.207.41.134 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.134

Whois 104.207.41.134

IP Abuse Reports for 104.207.41.134:

This IP address has been reported a total of 146 times from 22 distinct sources. 104.207.41.134 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-26 07:47:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 02:47:29.578625 2026] [security2:error] [pid 27433:tid 27433] [client 104.207.41.134:47615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.92"] [uri "/.git/config"] [unique_id "aZ_6kU_k4_x_Wpqpp7PwoAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 cheatmaster.store	2026-02-25 23:15:24 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: United States Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇨🇭 backslash	2026-01-24 15:40:04 (4 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-29 06:14:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:14:31.599614 2025] [security2:error] [pid 1198:tid 1198] [client 104.207.41.134:38279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wplusw.com"] [uri "/.svn/wc.db"] [unique_id "aVIcR52mLt2KPYkJOVdDxQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:57:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:57:14.938474 2025] [security2:error] [pid 23123:tid 23123] [client 104.207.41.134:22295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2pollards.com"] [uri "/.env"] [unique_id "aVH8Gg0q2wczgtI6ZiIMpAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2025-12-27 22:37:07 (5 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-12-24 02:48:36 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 23 21:48:29.787896 2025] [security2:error] [pid 7027:tid 7027] [client 104.207.41.134:22407] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ontimelogistiks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ontimelogistiks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aUtUfbh5w37xr1XvfV7fTQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 16:45:15 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-15 14:01:19 (5 months ago)	botnet	DDoS Attack
🇫🇷 mrcrassi	2025-12-09 09:27:16 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 09:57:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:57:04.501812 2025] [security2:error] [pid 26014:tid 26014] [client 104.207.41.134:16485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ferreteria.imerka.com.mx"] [uri "/.git/HEAD"] [unique_id "aSQr8HYGu0MJmoWHvPz6XAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:02:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:02:20.169706 2025] [security2:error] [pid 18194:tid 18292] [client 104.207.41.134:25043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aliqsha.com"] [uri "/.git/HEAD"] [unique_id "aSP07O9urIyQu8V3f-3vfAAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:21:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:21:05.367726 2025] [security2:error] [pid 6482:tid 6482] [client 104.207.41.134:53421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.uppermotradingco.com"] [uri "/.env"] [unique_id "aSPrQUYUseECVCusvwIm3wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:00:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:55.460702 2025] [security2:error] [pid 3812:tid 3812] [client 104.207.41.134:46743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abcollie.com"] [uri "/.env"] [unique_id "aSPmS5PiPoXrtp31PCgirAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 12:28:21 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.177.179.174

🇺🇸 192.178.37.28

🇺🇸 165.232.50.131

🇷🇸 147.91.214.200

🇻🇳 117.2.73.65

🇮🇳 103.21.79.242

🇺🇸 20.65.194.6

🇩🇪 2a02:4780:3f:1903:0:13dd:ec32:1

🇺🇸 147.185.132.213

🇮🇩 145.79.14.133

🇺🇸 132.196.82.4

🇮🇳 103.38.182.49

🇮🇩 2a02:4780:6:2086:0:2fda:f903:1

🇳🇱 185.93.89.147

🇫🇷 178.238.226.170

🇩🇪 213.209.159.56

🇳🇱 185.242.226.81

🇲🇴 182.93.50.90

🇺🇸 96.44.174.248

🇺🇸 72.18.83.212