JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.41.89

104.207.41.89 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.41.89

Whois 104.207.41.89

IP Abuse Reports for 104.207.41.89:

This IP address has been reported a total of 157 times from 22 distinct sources. 104.207.41.89 was first reported on June 6th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-10 14:55:17 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-03-05 08:51:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:51:46.628375 2026] [security2:error] [pid 2915:tid 2942] [client 104.207.41.89:21933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/c2/3f2181acfb66ef0d5b6c8c4696414340618709"] [unique_id "aalEImbdh7c6FWT9QFVVogAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-01-19 08:15:08 (4 months ago)	Spam submission via wordotron.com contact form. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64 ... show more Spam submission via wordotron.com contact form. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71. Timestamp: 2026-01-19T08:15:08.213Z show less	Web Spam
🇺🇸 ambor	2026-01-19 04:28:53 (4 months ago)	Spam submission via wordotron.com contact form. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64 ... show more Spam submission via wordotron.com contact form. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71. Timestamp: 2026-01-19T04:28:52.923Z show less	Web Spam
Anonymous	2025-12-09 07:21:19 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-08 10:20:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 05:19:56.003111 2025] [security2:error] [pid 5720:tid 5720] [client 104.207.41.89:34865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theabstractpress.com"] [uri "/.env"] [unique_id "aTamTDwvvhoVV5AJVoQ5TwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-08 07:30:42 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-07 16:34:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 11:34:17.534782 2025] [security2:error] [pid 12462:tid 12462] [client 104.207.41.89:12715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "my-pitch.org"] [uri "/.svn/wc.db"] [unique_id "aTWsiVStAKEkEz2bKtPeSAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 14:25:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:25:42.429379 2025] [security2:error] [pid 32747:tid 32754] [client 104.207.41.89:60175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okorganicgardening.org"] [uri "/.git/HEAD"] [unique_id "aTWOZuHycua3h1op5Lit-QAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 02:50:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:49:55.799611 2025] [security2:error] [pid 20140:tid 20140] [client 104.207.41.89:59467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bioterrorismbooks.info"] [uri "/.git/HEAD"] [unique_id "aTOZ023oyrhsiplcd3kkNAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:52:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:52:02.948113 2025] [security2:error] [pid 26829:tid 26829] [client 104.207.41.89:20587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garretthillary.com"] [uri "/.git/HEAD"] [unique_id "aTMNsgbfQ76EsYCiH6-a-gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:44:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:44:26.038554 2025] [security2:error] [pid 25616:tid 25616] [client 104.207.41.89:34919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pierrebastin.com"] [uri "/.svn/wc.db"] [unique_id "aTKNWinAbc8ZinaKYs982gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:29:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:29:20.260626 2025] [security2:error] [pid 4223:tid 4223] [client 104.207.41.89:56487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cookerwars.com"] [uri "/.env"] [unique_id "aTJtsFUml95WdZag_PV2YwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:47:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.41.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:47:08.508275 2025] [security2:error] [pid 1877:tid 1877] [client 104.207.41.89:9007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeranny.com"] [uri "/.svn/wc.db"] [unique_id "aTJVvLwA76b_CIrTJbKFvwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.83

🇲🇾 202.165.15.132

🇬🇪 185.228.135.197

🇺🇸 172.253.209.154

🇬🇧 89.37.172.139

🇳🇱 45.148.10.152

🇺🇸 34.86.212.97

🇳🇱 204.76.203.206

🇮🇳 182.95.181.22

🇲🇴 182.93.50.90

🇧🇷 179.125.70.167

🇺🇸 172.253.93.215

🇮🇳 165.232.191.178

🇮🇳 64.227.164.66

🇺🇸 47.232.125.214

🇧🇷 45.163.65.230

🇳🇱 45.148.10.151

🇧🇪 34.62.207.77

🇦🇪 20.203.42.204

🇨🇳 14.103.119.118