JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.17

104.207.41.17 was found in our database!

This IP was reported 96 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.17

Whois 104.207.41.17

IP Abuse Reports for 104.207.41.17:

This IP address has been reported a total of 96 times from 22 distinct sources. 104.207.41.17 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Mundo Bueno	2026-04-05 02:43:15 (2 months ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: US \| UA: PHP/5.3.03	Hacking Web App Attack
🇺🇸 myagent.site	2026-01-21 18:30:19 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-21 08:37:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 03:37:49.443304 2026] [security2:error] [pid 26003:tid 26003] [client 104.207.41.17:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ard.global"] [uri "/.env"] [unique_id "aXCQXVpKLW6JhQxGqFQBaAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 afleventoffice.com.au	2026-01-20 14:21:41 (4 months ago)	GET /.svn/wc.db HTTP/1.1	Web App Attack
🇩🇪 stinpriza	2025-12-31 00:08:05 (5 months ago)	Web App Attack	Web App Attack
Anonymous	2025-12-23 19:26:15 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 22:38:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 17:38:32.104715 2025] [security2:error] [pid 6694:tid 6694] [client 104.207.41.17:44527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.raintechgutters.com"] [uri "/.svn/wc.db"] [unique_id "aSeBaE_DCQIRR-WY3Lca5gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 22:38:18 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 16:34:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 11:34:21.858199 2025] [security2:error] [pid 6930:tid 6930] [client 104.207.41.17:9311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.customdesignsbybjp.com"] [uri "/.svn/wc.db"] [unique_id "aScsDaA343KzXz0UyUJiggAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 kumiko	2025-11-26 13:42:06 (6 months ago)	[2025-11-26 15:42:05] Probing for dotfiles "GET /.git/HEAD HTTP/1.1" 301	Bad Web Bot Web App Attack
Anonymous	2025-11-25 07:29:29 (6 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:00:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:00:13.891596 2025] [security2:error] [pid 6255:tid 6255] [client 104.207.41.17:25443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gasoilliquidsdaily.com"] [uri "/.git/HEAD"] [unique_id "aSVT_Z3XcXGS7uoQQBJ9ZgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:43:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:43:18.321767 2025] [security2:error] [pid 19957:tid 19957] [client 104.207.41.17:27977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bkspeck.com"] [uri "/.svn/wc.db"] [unique_id "aSVQBvLgwSOUcjD47ivWeAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:57:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:57:37.012201 2025] [security2:error] [pid 19879:tid 19879] [client 104.207.41.17:29813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.h-mod.com"] [uri "/.svn/wc.db"] [unique_id "aSVFUYz1cypc7T2dryFzIwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:19:01.211004 2025] [security2:error] [pid 1755:tid 1755] [client 104.207.41.17:36929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.asterioland.com"] [uri "/.git/HEAD"] [unique_id "aSU8ReUwadu3y44y6_690QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 96 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.67.122.230

🇧🇷 205.210.31.206

🇧🇷 201.28.237.90

🇫🇷 85.204.70.88

🇨🇦 51.161.37.141

🇨🇳 36.135.62.79

🇺🇸 34.48.35.220

🇮🇳 223.181.29.37

🇰🇷 222.107.156.227

🇺🇸 205.210.31.99

🇺🇸 205.210.31.64

🇬🇧 198.244.183.93

🇺🇸 192.241.179.235

🇦🇷 190.104.254.91

🇱🇻 185.113.139.84

🇮🇳 182.95.115.194

🇺🇸 179.61.232.244

🇺🇸 173.244.60.241

🇸🇬 165.245.178.66

🇰🇷 121.131.220.148