JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.79

104.207.41.79 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.79

Whois 104.207.41.79

IP Abuse Reports for 104.207.41.79:

This IP address has been reported a total of 132 times from 16 distinct sources. 104.207.41.79 was first reported on June 3rd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 AvonleaConsulting	2026-04-30 23:07:07 (1 month ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 14:07:09 (4 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:07:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:06:58.746917 2026] [security2:error] [pid 3633:tid 3633] [client 104.207.41.79:56701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medioskreativos.com"] [uri "/api/.git/config"] [unique_id "aY7Nkij8BU4CcyFPYaza7AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:05:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:05:17.446212 2026] [security2:error] [pid 32723:tid 32723] [client 104.207.41.79:59847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matchsticbranding.agency"] [uri "/app/.git/config"] [unique_id "aY6xDa0mfVy7Hb1Rea-M5AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:30:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:30:37.106203 2026] [security2:error] [pid 26455:tid 26455] [client 104.207.41.79:60343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marveldirectory.com"] [uri "/config/.env"] [unique_id "aY6o7fyyythJMamzwOicMQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:14:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:14:44.649839 2026] [security2:error] [pid 187755:tid 187755] [client 104.207.41.79:63333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marriedtv.com"] [uri "/.env.save"] [unique_id "aY6lNLJSK0KxBN_wdzLImAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:54:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:54:13.558199 2026] [security2:error] [pid 3500:tid 3534] [client 104.207.41.79:36299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geekmd.org"] [uri "/.git/config"] [unique_id "aY4v5SCcgeB40xklwK-CtQAAAVU"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-02-12 17:32:01 (4 months ago)	/.env	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:09:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:09:39.373962 2026] [security2:error] [pid 30144:tid 30144] [client 104.207.41.79:55881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fullbladderclub.com"] [uri "/.git/config"] [unique_id "aYoU00AzfM5VbnrdFaowogAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 08:23:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 03:23:17.705630 2026] [security2:error] [pid 26632:tid 26632] [client 104.207.41.79:16965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxztrader.com"] [uri "/app/.env"] [unique_id "aYmZdcDG0w4qgVjP7k7aYwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 05:20:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 00:20:11.866771 2026] [security2:error] [pid 28097:tid 28097] [client 104.207.41.79:14787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingangelinvestors.com"] [uri "/.env.production"] [unique_id "aYlui3iCIuv4Ao2yoVW7bQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 vtchost.com	2026-01-24 01:20:01 (4 months ago)	invalid user agent, possible botnet ...	Bad Web Bot Exploited Host
🇮🇹 VHosting	2025-12-23 11:24:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-11-14 06:50:43 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 ps-center	2025-10-19 12:59:25 (7 months ago)	SS5-W: TCP-Scanner. Port: 22	Port Scan

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.219.243.53

🇨🇳 182.88.191.209

🇷🇺 176.209.216.47

🇪🇨 157.100.136.154

🇷🇴 80.94.92.145

🇳🇱 45.148.10.157

🇺🇸 184.105.139.71

🇺🇸 162.216.150.140

🇩🇪 157.230.18.133

🇭🇰 103.231.14.54

🇮🇳 103.164.197.150

🇺🇸 66.132.198.27

🇰🇷 49.247.37.22

🇨🇳 49.235.185.201

🇸🇪 31.59.160.12

🇨🇳 14.103.127.30

🇺🇸 2602:80d:1008::2a

🇸🇬 152.42.176.167

🇻🇳 118.71.196.140

🇳🇱 45.153.34.32