JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.38

104.207.41.38 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.38

Whois 104.207.41.38

IP Abuse Reports for 104.207.41.38:

This IP address has been reported a total of 141 times from 18 distinct sources. 104.207.41.38 was first reported on June 11th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-08 05:11:19 (4 days ago)	Brute force	Brute-Force
🇩🇪 FeG Deutschland	2026-03-28 15:04:13 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇱🇻 garmtech.com	2026-02-15 05:58:54 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2026-02-13 16:31:15 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇩🇪 stinpriza	2026-02-13 11:27:37 (3 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:40:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:40:37.527196 2026] [security2:error] [pid 9164:tid 9164] [client 104.207.41.38:26777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idahostem.org"] [uri "/site/.git/config"] [unique_id "aYq2xQ6VS5ITQS0_11r9wwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:56:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:56:09.713811 2026] [security2:error] [pid 14873:tid 14873] [client 104.207.41.38:61969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiubo.net"] [uri "/app/.git/config"] [unique_id "aYqsWfLtwAJwoLZu3BkgSQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-02-10 03:02:41 (4 months ago)	2026-02-10 04:02:41 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:25:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:24:59.114788 2026] [security2:error] [pid 28942:tid 28942] [client 104.207.41.38:19425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hudready.com"] [uri "/.env"] [unique_id "aYp62_sGuenzpiveAdaxKwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:01:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:01:25.168344 2026] [security2:error] [pid 11200:tid 11200] [client 104.207.41.38:56085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdeering.net"] [uri "/api/.git/config"] [unique_id "aYpnRQGOx5lSuACYSYvpoQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:03:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:03:07.808561 2026] [security2:error] [pid 311699:tid 311699] [client 104.207.41.38:17075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathiekate.com"] [uri "/dev/.git/config"] [unique_id "aYpZm9FAK_5080JEdcuQrgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:09:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:08:41.029284 2026] [security2:error] [pid 22918:tid 22918] [client 104.207.41.38:57779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenbernsteinlaw.net"] [uri "/api/.git/config"] [unique_id "aYpM2e5ob_5AmbfFJfKwNAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-15 03:39:51 (5 months ago)	botnet	DDoS Attack
Anonymous	2025-11-14 02:02:01 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-17 12:16:35 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.89.60.99

🇷🇺 77.37.162.117

🇵🇱 57.128.239.139

🇸🇬 47.128.32.181

🇺🇸 20.14.73.62

🇩🇪 193.169.194.14

🇫🇮 147.185.133.89

🇰🇷 125.142.37.91

🇺🇸 107.150.100.72

🇮🇷 78.39.2.14

🇳🇱 45.148.10.141

🇺🇸 184.105.247.235

🇦🇲 176.32.193.16

🇳🇱 88.151.32.89

🇷🇴 80.94.92.171

🇺🇸 66.132.195.144

🇩🇪 45.135.141.9

🇩🇰 185.129.62.62

🇺🇸 172.234.217.129

🇨🇱 136.248.247.188