JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.33

104.207.41.33 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.33

Whois 104.207.41.33

IP Abuse Reports for 104.207.41.33:

This IP address has been reported a total of 154 times from 24 distinct sources. 104.207.41.33 was first reported on June 5th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 i-turnradio.nl	2026-01-31 10:24:37 (4 months ago)	2026-01-31 11:24:36 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇫🇷 tilellit.pro	2026-01-29 19:59:58 (4 months ago)	Fail2Ban banned 104.207.41.33 for security violations in jail wp-armour. Log: 2026/01/29 19:59:58 [e ... show more Fail2Ban banned 104.207.41.33 for security violations in jail wp-armour. Log: 2026/01/29 19:59:58 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.41.33 \| Target: wplogin" , client: 104.207.41.33, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-01-15 11:04:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 06:04:15.695040 2026] [security2:error] [pid 3487:tid 3487] [client 104.207.41.33:13749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thekingofweed.com"] [uri "/.env"] [unique_id "aWjJr40iftO4yHq_YYGOEQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 MM-bot	2026-01-02 17:35:51 (5 months ago)	URL-probe: HTTP/1.1 GET request on /wp-login.php (2026-01-02 18:35:51 UTC+1)	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:12 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-23 23:55:21 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇨🇭 backslash	2025-12-22 19:00:08 (5 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2025-12-22 15:07:09 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:31:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:31:01.125260 2025] [security2:error] [pid 5694:tid 5694] [client 104.207.41.33:59965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.scottcarper.com"] [uri "/.env"] [unique_id "aSQl1Rit-_1ZXPoMARZEgAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:44:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:44:18.435178 2025] [security2:error] [pid 23972:tid 23972] [client 104.207.41.33:51321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.biblemathprojects.com"] [uri "/.git/HEAD"] [unique_id "aSP-wg3Eeg8lFxT-PlwgNgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:23:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:23:21.230264 2025] [security2:error] [pid 9166:tid 9166] [client 104.207.41.33:27271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bodiehistory.com"] [uri "/.env"] [unique_id "aSP52bC4CzpIJ71cyKJw5wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:10:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:10:06.938458 2025] [security2:error] [pid 13555:tid 13555] [client 104.207.41.33:50417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rcrgalicia.com"] [uri "/.env"] [unique_id "aSPorjjGYmVHo_ANVdpNnAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:43:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:43:16.609070 2025] [security2:error] [pid 8471:tid 8471] [client 104.207.41.33:17431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.onlyincanada-eh.com"] [uri "/.env"] [unique_id "aSPiZGxPN9vRhYoyTWvougAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:48:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:48:42.864428 2025] [security2:error] [pid 3965260:tid 3965353] [client 104.207.41.33:24601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ace-es.com"] [uri "/.env"] [unique_id "aSPVmqyiyKH59MCrZuHrTgAAAgE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 01:25:12 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇧 194.246.89.139

🇨🇦 192.40.185.185

🇺🇸 2607:f8b0:4001:c5f::126

🇺🇸 205.210.31.102

🇫🇷 176.125.224.179

🇺🇸 162.216.149.102

🇨🇳 125.94.106.195

🇨🇳 120.48.80.70

🇭🇰 47.76.247.112

🇧🇪 34.156.219.95

🇷🇴 2.57.122.177

🇨🇳 221.234.36.123

🇺🇸 206.189.225.77

🇳🇱 176.65.148.197

🇮🇩 103.78.208.67

🇭🇰 46.247.61.43

🇳🇱 45.142.193.16

🇧🇪 34.79.35.36

🇰🇷 218.149.228.142

🇩🇪 213.209.159.241