JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.178

104.207.41.178 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.178

Whois 104.207.41.178

IP Abuse Reports for 104.207.41.178:

This IP address has been reported a total of 138 times from 19 distinct sources. 104.207.41.178 was first reported on June 20th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 octageeks.com	2026-02-21 05:06:42 (3 months ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇳🇱 jjnxpct	2026-02-16 04:54:31 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.staging (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.staging] show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-16 02:05:56 (4 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇩🇪 DocNetzwerk	2026-02-15 12:25:42 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.41.178 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 11:45:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:45:25.793777 2026] [security2:error] [pid 8023:tid 8023] [client 104.207.41.178:39597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qcyprus.com"] [uri "/wp/.git/config"] [unique_id "aZGx1ZIDVGY3Tm8GqJjhsQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:28:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:28:30.335228 2026] [security2:error] [pid 6634:tid 6634] [client 104.207.41.178:38919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxyveg.com"] [uri "/backend/.env"] [unique_id "aZGt3lcvI3dYer86ClhgBgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 11:07:56 (4 months ago)	Multiple WAF Violations	Web App Attack
🇫🇷 ecode hosting	2026-02-15 07:09:06 (4 months ago)	Domain : secertarim.com Rule : env 2026-02-15 07:07:12 10.100.1.20 GET /api/.env - 443 - 104.207.41. ... show more Domain : secertarim.com Rule : env 2026-02-15 07:07:12 10.100.1.20 GET /api/.env - 443 - 104.207.41.178 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 - secertarim.com 301 0 0 357 159 142 - - show less	Hacking SQL Injection
🇨🇭 Origon	2026-02-15 06:00:05 (4 months ago)	http-sensitive-files - IP: 104.207.41.178 - time="2026-02-15T07:00:05+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.41.178 - time="2026-02-15T07:00:05+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.41.178 (US/200373) : 4h ban on Ip 104.207.41.178" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:07:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:07:23.321890 2026] [security2:error] [pid 6224:tid 6255] [client 104.207.41.178:53179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oconnorpest.biz"] [uri "/v2/.git/config"] [unique_id "aZFUiwd6CwE1zZPIU6mzdgAAAQE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:16:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:16:29.590814 2026] [security2:error] [pid 7924:tid 7924] [client 104.207.41.178:57605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ppcspetsitting.com"] [uri "/.git/config"] [unique_id "aZFInb1vl-CKtdPg3h-1qwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:20:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:20:26.241035 2026] [security2:error] [pid 1163345:tid 1163345] [client 104.207.41.178:10167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plava.org"] [uri "/v2/.git/config"] [unique_id "aZEtakWe-ilBwHExSqan6gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:04:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:04:17.004540 2026] [security2:error] [pid 196097:tid 196097] [client 104.207.41.178:41323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pjbruner.com"] [uri "/dev/.git/config"] [unique_id "aZEpocjiAAv5RptA9bEWkgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:10:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:10:50.132821 2026] [security2:error] [pid 16700:tid 16700] [client 104.207.41.178:36571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rogerbrooks.com"] [uri "/.env.staging"] [unique_id "aZEdGnXVhTErM6QjvTAx9AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 01:05:50 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 181.233.161.35

🇷🇸 77.105.37.219

🇺🇸 45.79.177.245

🇦🇷 185.64.78.57

🇺🇸 165.154.173.120

🇮🇷 151.232.91.81

🇪🇸 196.196.150.5

🇺🇸 195.184.76.175

🇮🇳 122.176.122.24

🇺🇸 34.230.221.101

🇺🇸 165.154.182.182

🇺🇸 154.16.112.232

🇻🇳 103.200.25.79

🇮🇩 103.178.175.233

🇺🇸 91.209.228.154

🇺🇸 75.205.134.141

🇺🇸 75.80.65.214

🇳🇱 45.148.10.157

🇺🇸 38.51.144.187

🇩🇪 212.227.21.213