JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.224

104.207.41.224 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.224

Whois 104.207.41.224

IP Abuse Reports for 104.207.41.224:

This IP address has been reported a total of 133 times from 13 distinct sources. 104.207.41.224 was first reported on June 12th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-27 14:23:41 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2025-12-12 00:28:25 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (5 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-25 06:27:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:27:51.487271 2025] [security2:error] [pid 675:tid 675] [client 104.207.41.224:35635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.constructionloansfunding.com"] [uri "/.env"] [unique_id "aSVMZwqfQcc9sCUUXysg5wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:24:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:24:30.508493 2025] [security2:error] [pid 18343:tid 18343] [client 104.207.41.224:49285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.delucchi.net"] [uri "/.git/HEAD"] [unique_id "aSU9jjIMqHIJ1ey8Z2T38AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:39:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:39:38.598230 2025] [security2:error] [pid 6987:tid 6987] [client 104.207.41.224:33161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.eeinspect.net"] [uri "/.git/HEAD"] [unique_id "aSUzCsBrARu1-RkcH79clQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:26.209327 2025] [security2:error] [pid 27727:tid 27752] [client 104.207.41.224:31881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.toastandfigs.com"] [uri "/.svn/wc.db"] [unique_id "aSUU_veXMnwYTnmV60PU7gAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:48:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:48:12.322040 2025] [security2:error] [pid 1647076:tid 1647086] [client 104.207.41.224:10879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.lordennerdale.com"] [uri "/.env"] [unique_id "aSUK3OH4DuV7HFq4iAn_-wAAAQY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:41:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:41:39.154315 2025] [security2:error] [pid 11332:tid 11332] [client 104.207.41.224:24067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.xcengineering.xyz"] [uri "/.git/HEAD"] [unique_id "aSP-IxssMWGg3PS-WgJAfgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:20:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:20:39.861520 2025] [security2:error] [pid 22840:tid 22840] [client 104.207.41.224:46513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lazymanvegan.com"] [uri "/.env"] [unique_id "aSPrJ8ncA7Vw5c6xjcdDKwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:56:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:56:28.643527 2025] [security2:error] [pid 32601:tid 32601] [client 104.207.41.224:41643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.integrabroadcast.com"] [uri "/.env"] [unique_id "aSPlfEPy3d_8nH4jVELU7AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2025-10-27 00:36:37 (7 months ago)	C1-W: TCP-Scanner. Port: 22	Port Scan
🇱🇻 garmtech.com	2025-10-23 16:57:15 (7 months ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
Anonymous	2025-10-18 09:02:42 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
🇫🇮 YF	2025-10-16 13:01:12 (7 months ago)	xmlrpc.php (Potential DDoS or brute force)	Brute-Force Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 131.72.148.41

🇺🇸 92.204.138.51

🇺🇸 74.72.125.241

🇺🇸 209.90.232.251

🇬🇧 193.163.125.218

🇫🇷 188.209.129.151

🇬🇧 185.216.145.185

🇧🇷 177.200.33.242

🇳🇱 176.65.148.242

🇩🇪 167.94.146.35

🇺🇸 165.154.163.10

🇨🇳 101.31.138.239

🇧🇬 94.236.214.240

🇳🇱 93.123.72.166

🇮🇶 91.106.59.76

🇺🇸 54.152.88.205

🇸🇬 45.78.230.231

🇬🇧 35.203.211.182

🇬🇧 35.203.210.113

🇮🇪 34.246.222.110