JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.87

104.207.41.87 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.87

Whois 104.207.41.87

IP Abuse Reports for 104.207.41.87:

This IP address has been reported a total of 153 times from 17 distinct sources. 104.207.41.87 was first reported on June 12th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VINA	2026-02-25 11:47:51 (3 months ago)	Banned by SPAMHAUS ASN-DROP list (ASN: 200373)	DDoS Attack Hacking Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-20 10:31:12 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2026-02-13 04:22:24 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 00:58:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 19:58:38.226412 2025] [security2:error] [pid 3580866:tid 3580866] [client 104.207.41.87:17209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mdivietnam.com"] [uri "/.env"] [unique_id "aVCAvt5Baad-5uw5iiM2tgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:07:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:07:33.449139 2025] [security2:error] [pid 25189:tid 25189] [client 104.207.41.87:31995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kotelbarmitzvah.com"] [uri "/.git/HEAD"] [unique_id "aVBmtdwT6jYyPOjzZX2QpgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:04:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:04:03.369742 2025] [security2:error] [pid 29936:tid 29936] [client 104.207.41.87:29649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ajvaage.com"] [uri "/.env"] [unique_id "aVA7sxV8xZmPz_Xd0ZjpCQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:05:19 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:05:14.497596 2025] [security2:error] [pid 27107:tid 27107] [client 104.207.41.87:47009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "72blues.com"] [uri "/.svn/wc.db"] [unique_id "aVAf2p9LVYRD1WkbkNmtwgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Tanados	2025-12-27 14:59:58 (5 months ago)	Blocked by UFW [80/tcp] Source port: 13353 TTL: 52 Packet length: 60 TOS: 0x00 This report was gene ... show more Blocked by UFW [80/tcp] Source port: 13353 TTL: 52 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-12-03 16:54:22 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-29 03:08:31 (6 months ago)	Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.29 is noted in report ti ... show more Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.29 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 10:16:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:16:02.131780 2025] [security2:error] [pid 22418:tid 22418] [client 104.207.41.87:26957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.njonker.com"] [uri "/.env"] [unique_id "aSbTYkrX6Sv4ivLwDyBIXwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:41:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:41:29.912170 2025] [security2:error] [pid 31268:tid 31268] [client 104.207.41.87:41221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.blastjet.net"] [uri "/.svn/wc.db"] [unique_id "aSaTCZMrypgsGAD_KLczqwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-26 01:00:30 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 09:34:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:34:08.887590 2025] [security2:error] [pid 10878:tid 10878] [client 104.207.41.87:44191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.keystonestandard.com"] [uri "/.env"] [unique_id "aSQmkLQo50-VWkFPIXHCkgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:50:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:50:12.021068 2025] [security2:error] [pid 11215:tid 11215] [client 104.207.41.87:54371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dewsales.com"] [uri "/.svn/wc.db"] [unique_id "aSQcRI-Pkpk2VWH7z4WwfQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.79

🇩🇪 202.71.141.170

🇳🇬 165.154.11.170

🇰🇷 112.219.151.50

🇩🇪 68.183.77.51

🇨🇦 65.38.33.35

🇧🇪 34.62.178.143

🇩🇪 213.209.159.226

🇺🇸 198.46.168.51

🇦🇷 190.104.35.122

🇳🇱 86.54.31.34

🇳🇱 81.19.216.78

🇱🇹 77.90.185.80

🇩🇪 5.75.225.42

🇩🇪 167.94.146.49

🇺🇸 162.216.149.234

🇮🇳 156.67.105.185

🇺🇦 91.192.46.148

🇳🇱 89.21.67.163

🇺🇸 71.235.225.181