JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.227

104.207.41.227 was found in our database!

This IP was reported 159 times. Confidence of Abuse is 38%: ?

38%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.227

Whois 104.207.41.227

IP Abuse Reports for 104.207.41.227:

This IP address has been reported a total of 159 times from 27 distinct sources. 104.207.41.227 was first reported on June 21st 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-01 17:48:14 (3 days ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
🇫🇷 ELYAZ	2026-05-31 09:23:41 (4 days ago)	(y4) Failed scan -byebye- from 104.207.41.227 (US/United States/-): (CF_ENABLE)	Hacking
🇨🇿 ddw	2026-05-31 04:42:05 (4 days ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
🇫🇷 mrcrassi	2026-05-28 23:57:32 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 HJ5Ss4Ju	2026-05-28 12:10:10 (1 week ago)	Blocked by Wordfence (SID 6)	Web App Attack
Anonymous	2026-05-26 08:48:49 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log ... show more [server.tmg.gr] httpd-login-spray-site: sites=add2021.gr; logs=/var/log/httpd/domains/add2021.gr.log; samples=site_wide=true \| distinct_ips=64 \| /wp-login.php show less	Hacking Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-19 05:50:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:50:27.442013 2026] [security2:error] [pid 22352:tid 22352] [client 104.207.41.227:49909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kurikka.eu"] [uri "/.env.local"] [unique_id "aZako0jAwOjvkqsvh6x0QwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:12:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:12:21.050151 2026] [security2:error] [pid 16458:tid 16458] [client 104.207.41.227:25723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathyquan.com"] [uri "/app/.env"] [unique_id "aZZxhYBxhPOKjEBgs7hJAgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:10:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:10:20.875962 2026] [security2:error] [pid 32182:tid 32182] [client 104.207.41.227:58481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vitality-webb.com"] [uri "/config/.env"] [unique_id "aZZU7CDwpWFqLnGW8oN8MQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-19 00:04:32 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.41.227 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.41.227 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 22:51:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 17:51:03.010803 2026] [security2:error] [pid 17074:tid 17074] [client 104.207.41.227:59667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vandiprojects.com"] [uri "/.env.production"] [unique_id "aZZCVynpWmNryyX_nWs8ZAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:05:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:05:10.658673 2026] [security2:error] [pid 26612:tid 26612] [client 104.207.41.227:12623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tractiondrive.com"] [uri "/app/.env"] [unique_id "aZYbdtZoah0XlNKwaYVLpgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:53:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:53:08.961566 2026] [security2:error] [pid 7452:tid 7452] [client 104.207.41.227:23293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thumbmotorsales.com"] [uri "/.env.production"] [unique_id "aZYKlOOCRpjqQ8PjgjWZoQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 17:06:31 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack

Showing 1 to 15 of 159 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.116

🇲🇾 47.254.242.172

🇬🇧 35.203.211.65

🇨🇳 223.93.164.218

🇰🇷 218.52.254.90

🇺🇸 205.210.31.110

🇹🇼 198.235.24.100

🇷🇼 197.243.14.52

🇺🇸 173.255.212.137

🇻🇺 138.226.239.10

🇻🇳 123.16.119.38

🇨🇳 120.198.61.146

🇨🇬 102.141.53.174

🇸🇬 101.47.158.56

🇮🇹 83.224.159.245

🇩🇪 69.5.169.47

🇺🇸 67.205.189.163

🇺🇸 67.205.159.167

🇮🇳 64.227.136.45

🇨🇳 42.180.54.76