JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.140

104.207.41.140 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.140

Whois 104.207.41.140

IP Abuse Reports for 104.207.41.140:

This IP address has been reported a total of 142 times from 17 distinct sources. 104.207.41.140 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-05-15 02:09:10 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.41.140 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.41.140 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 CBJ	2026-05-14 02:14:57 (3 weeks ago)	fail2ban: apache-proxy ...	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-04 19:06:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 14:06:26.870305 2025] [security2:error] [pid 11642:tid 11642] [client 104.207.41.140:34465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdgsf.xyz"] [uri "/.env"] [unique_id "aTHbsg4VkH2QSo1_I-SSFwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:10:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:10:39.575496 2025] [security2:error] [pid 13534:tid 13534] [client 104.207.41.140:48843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wotanberg.info"] [uri "/.git/HEAD"] [unique_id "aSbSHxs-oM55RLY4m5WWAAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:34:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:34:46.001182 2025] [security2:error] [pid 15439:tid 15439] [client 104.207.41.140:45807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.drbbenefits.com"] [uri "/.env"] [unique_id "aSa7pjtG--grLNM8m8W-yAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:52:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:52:29.055028 2025] [security2:error] [pid 8300:tid 8300] [client 104.207.41.140:21671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.versallis.com"] [uri "/.git/HEAD"] [unique_id "aSZrbSKC48RUX2bsNZSkgwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 02:34:50 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:01:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:01:51.568756 2025] [security2:error] [pid 21698:tid 21698] [client 104.207.41.140:38471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kathiekate.com"] [uri "/.git/HEAD"] [unique_id "aSZRf8q4YRkG3_9f5Rb-fAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:38:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:38:28.767897 2025] [security2:error] [pid 21086:tid 21086] [client 104.207.41.140:19785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dougscomputers.com"] [uri "/.env"] [unique_id "aSZMBFwvekGTL2W68ZW-JQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:24:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:24:42.078817 2025] [security2:error] [pid 19916:tid 19916] [client 104.207.41.140:53975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.anthearodgers.com"] [uri "/.env"] [unique_id "aST3ShO5-3zPK19auNgq5QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 13:30:08 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
Anonymous	2025-11-14 00:16:23 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 techboy117	2025-11-14 00:16:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
Anonymous	2025-10-15 23:18:42 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.9.55

🇳🇬 102.88.137.213

🇺🇸 68.183.59.84

🇳🇱 45.148.10.183

🇺🇸 216.24.210.227

🇰🇷 175.214.123.177

🇺🇸 172.202.114.25

🇻🇳 103.131.71.171

🇳🇱 88.151.33.232

🇮🇹 84.33.243.253

🇱🇹 81.30.98.142

🇬🇧 77.68.9.24

🇮🇳 49.207.243.158

🇮🇷 37.148.5.246

🇺🇸 157.230.211.23

🇻🇳 125.212.235.194

🇳🇱 81.19.216.74

🇺🇸 45.33.41.118

🇷🇴 2.57.121.25

🇲🇽 187.154.100.150