JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.35

104.207.41.35 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.35

Whois 104.207.41.35

IP Abuse Reports for 104.207.41.35:

This IP address has been reported a total of 123 times from 22 distinct sources. 104.207.41.35 was first reported on June 8th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-10 05:46:29 (2 months ago)	Brute force	Brute-Force
🇪🇸 10dencehispahard SL	2025-12-30 08:48:53 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:38 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-23 16:45:27 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇨🇳 ThreatBook.io	2025-11-27 03:07:49 (6 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.41.35 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.41.35 2025-11-26 17:49:29 /.git/HEAD show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:09:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:09:35.904177 2025] [security2:error] [pid 2436:tid 2436] [client 104.207.41.35:53849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.osmanbozkurt.com"] [uri "/.svn/wc.db"] [unique_id "aSaZn7_bo_F9HCYCruguegAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:51:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:51:27.567716 2025] [security2:error] [pid 20165:tid 20165] [client 104.207.41.35:26909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.grantjennings.com"] [uri "/.env"] [unique_id "aSZrL_i80bRZttrRCbdCagAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2025-11-25 12:53:56 (6 months ago)	2025-11-25 @ 13:53:56 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:23:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:23:47.489916 2025] [security2:error] [pid 22977:tid 22977] [client 104.207.41.35:43131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.perryoclock.healingtrek.com"] [uri "/.git/HEAD"] [unique_id "aSUTMxwX8P3GVS3J7lLW0wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 01:08:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 20:08:27.002967 2025] [security2:error] [pid 20718:tid 20718] [client 104.207.41.35:33521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.johnsoncityjudo.com"] [uri "/.git/HEAD"] [unique_id "aSOwC81y9YgjjLaqf7bquAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Teufel100	2025-11-23 19:05:59 (6 months ago)	ModSecurity rejected a query'	Hacking Brute-Force Web App Attack
Anonymous	2025-11-07 06:53:40 (7 months ago)	[redacted] 104.207.41.35 - - [07/Nov/2025:07:53:25 +0100] "POST /xmlrpc.php HTTP/2.0" 200 447 "-" "M ... show more [redacted] 104.207.41.35 - - [07/Nov/2025:07:53:25 +0100] "POST /xmlrpc.php HTTP/2.0" 200 447 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.5) Gecko/2008120121 Firefox/3.0.5" [redacted] 104.207.41.35 - - [07/Nov/2025:07:53:27 +0100] "POST /xmlrpc.php HTTP/2.0" 200 447 "-" "Mozilla/5.0 (iPad; U; CPU OS 3_2_2 like Mac OS X; de-de) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B500 Safari/531.21.10" [redacted] 104.207.41.35 - - [07/Nov/2025:07:53:28 +0100] "POST /xmlrpc.php HTTP/2.0" 200 447 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 9_3 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13E234 Safari/601.1" [redacted] 104.207.41.35 - - [07/Nov/2025:07:53:30 +0100] "POST /xmlrpc.php HTTP/2.0" 200 447 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_2_1 like Mac OS X) AppleWebKit/602.4.6 (KHTML, like Gecko) Version/10.0 Mobile/14D27 Safari/602.1" [redacted] 104.207.41.35 - - [07/Nov/2025:07:53:31 +010 ... show less	Hacking Web App Attack
Anonymous	2025-10-30 15:14:03 (7 months ago)	WordPress Brute Force	Brute-Force
🇦🇺 AWW-Admin	2025-10-29 14:58:31 (7 months ago)	(wordpress) Failed wordpress login from 104.207.41.35 (US/United States/-)	Brute-Force
Anonymous	2025-10-19 16:14:52 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇻 190.150.170.175

🇺🇸 162.216.149.90

🇰🇿 109.201.56.176

🇿🇦 102.64.38.92

🇺🇸 75.191.77.77

🇩🇪 69.5.169.213

🇱🇹 62.60.130.182

🇺🇸 195.184.76.167

🇵🇱 194.180.49.220

🇮🇩 182.253.153.132

🇧🇷 170.81.219.208

🇺🇸 162.216.149.170

🇺🇸 157.230.178.179

🇧🇬 79.124.58.118

🇧🇬 79.124.58.70

🇧🇬 79.124.40.146

🇺🇸 69.12.64.60

🇸🇦 37.56.13.207

🇺🇸 34.48.98.43

🇷🇺 31.173.2.172