JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.194

104.207.41.194 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.194

Whois 104.207.41.194

IP Abuse Reports for 104.207.41.194:

This IP address has been reported a total of 143 times from 20 distinct sources. 104.207.41.194 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-07 07:39:12 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-39.104.207.41.194.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-39.104.207.41.194.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇨🇭 backslash	2026-05-05 17:18:00 (1 month ago)		Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-12 10:34:27 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-34.104.207.41.194.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-34.104.207.41.194.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2026-03-09 19:12:54 (3 months ago)	Sending spam-mails via forms/direct PHP Execution/SQL injection from email:alexandria.galindo@outloo ... show more Sending spam-mails via forms/direct PHP Execution/SQL injection from email:[email protected] show less	Email Spam Bad Web Bot
🇺🇸 nowyouknow	2026-03-03 08:33:44 (3 months ago)	(From [email protected]) No experience is necessary and full training is provided. But before yo ... show more (From [email protected]) No experience is necessary and full training is provided. But before you apply, you need to see which role you’re best suited for. Go here to take the Writing Job Quiz. ---> http://PaidToWrite.Online/ Once you finish the quiz, you’ll get a breakdown of the best opportunities available for you right now. Visit -----> http://PaidToWrite.Online/ show less	Phishing Web Spam
🇪🇸 librebit	2026-01-08 02:24:58 (5 months ago)	Brute force	Brute-Force
🇮🇹 VHosting	2025-12-29 10:45:04 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:04:15 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 02:26:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:26:43.898265 2025] [security2:error] [pid 17023:tid 17082] [client 104.207.41.194:34211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.plumeraproductions.com"] [uri "/.env"] [unique_id "aSUT471hG8E8_fObGRhziQAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:11:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:11:31.732061 2025] [security2:error] [pid 15543:tid 15543] [client 104.207.41.194:55255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thomaschemicals.com"] [uri "/.svn/wc.db"] [unique_id "aSUQU0MHjunJzKlr170dEwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:13:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:13:15.595474 2025] [security2:error] [pid 27316:tid 27316] [client 104.207.41.194:17019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brainstormer.visionremota.info"] [uri "/.git/HEAD"] [unique_id "aSUCq0jKf41lMGOAoAuaKQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:27:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:27:50.662907 2025] [security2:error] [pid 26054:tid 26054] [client 104.207.41.194:12585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blacktvnow.com"] [uri "/.svn/wc.db"] [unique_id "aSQlFr3-D1s0cZg9zi40XwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:44:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:44:10.528139 2025] [security2:error] [pid 132008:tid 132029] [client 104.207.41.194:31479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.executive.bz"] [uri "/.env"] [unique_id "aSQa2gH-XN5lTt6cMbeVsQAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:26:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:26:50.182159 2025] [security2:error] [pid 3757:tid 3757] [client 104.207.41.194:34749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dgroupsa.com"] [uri "/.git/HEAD"] [unique_id "aSQWyhQu5bDdsSH8uCaW1wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:18c:0:192::e0:185

🇧🇷 200.175.61.207

🇬🇧 161.12.35.165

🇺🇸 157.245.169.157

🇨🇳 121.11.239.242

🇷🇸 91.187.148.42

🇺🇸 64.92.6.70

🇲🇾 47.250.93.212

🇳🇱 45.148.10.152

🇺🇸 18.97.5.33

🇩🇪 213.209.159.238

🇺🇸 192.210.228.134

🇫🇷 185.188.249.30

🇨🇳 111.127.152.34

🇺🇸 107.170.36.176

🇰🇷 59.24.133.197

🇺🇸 52.158.160.230

🇺🇸 49.51.196.195

🇬🇧 35.203.210.184

🇧🇪 198.235.24.242