JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.154

104.207.41.154 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.154

Whois 104.207.41.154

IP Abuse Reports for 104.207.41.154:

This IP address has been reported a total of 153 times from 22 distinct sources. 104.207.41.154 was first reported on June 7th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-05-30 05:55:29 (1 week ago)	Form spam	Web Spam
🇨🇭 backslash	2026-05-29 00:57:00 (1 week ago)		Web Spam
🇺🇸 oncord	2026-05-22 00:53:46 (2 weeks ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-05-14 15:45:54 (3 weeks ago)	Malicious Traffic/Form Submission	Phishing Web Spam
Anonymous	2026-04-12 05:50:10 (1 month ago)	Attempt to scan vulnerabilities	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-11 22:14:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 17:14:51.514046 2026] [security2:error] [pid 18729:tid 18729] [client 104.207.41.154:19649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "argun.wine"] [uri "/api/.git/config"] [unique_id "aYz_WygpzR71nD6Qmf9VIwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:52:44 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /new/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 22:59:59 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
Anonymous	2026-02-10 04:31:27 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 03:54:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:54:21.418945 2026] [security2:error] [pid 14868:tid 14868] [client 104.207.41.154:28215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiubo.net"] [uri "/.env"] [unique_id "aYqr7SSZeAFy5T6r3GrEDAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:05:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:05:49.281363 2026] [security2:error] [pid 612:tid 612] [client 104.207.41.154:44241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madronabluff.com"] [uri "/site/.git/config"] [unique_id "aYqgjUtnxXHMNXA2B9lyKwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:24:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:24:24.041757 2026] [security2:error] [pid 13231:tid 13241] [client 104.207.41.154:25105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimbleproperties.com"] [uri "/api/.git/config"] [unique_id "aYqW2AoQP8esBx9Kr0f8UAAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:01:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:01:34.093034 2026] [security2:error] [pid 5844:tid 5844] [client 104.207.41.154:40437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humbliaslaw.com"] [uri "/config/.env"] [unique_id "aYqDbp1B-cRTEAtsrtWlJgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:48:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:48:30.421078 2026] [security2:error] [pid 7007:tid 7007] [client 104.207.41.154:61861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-parker.com"] [uri "/backup/.git/config"] [unique_id "aYpyTg4R_36Wp8Ozh4xBoQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 194.44.201.149

🇰🇿 95.58.255.251

🇮🇪 54.229.137.227

🇺🇸 34.202.88.37

🇺🇸 199.217.105.48

🇬🇧 193.163.125.113

🇷🇺 176.109.97.11

🇺🇸 104.168.4.239

🇨🇳 218.205.34.19

🇪🇹 196.189.126.17

🇺🇸 165.154.163.207

🇺🇸 135.237.126.76

🇨🇳 111.228.60.252

🇺🇸 104.37.30.9

🇻🇳 103.23.146.120

🇮🇪 54.216.78.235

🇮🇳 13.71.92.229

🇷🇴 2.57.121.25

🇬🇧 213.166.84.44

🇺🇸 165.154.182.168