JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.240

104.207.39.240 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.240

Whois 104.207.39.240

IP Abuse Reports for 104.207.39.240:

This IP address has been reported a total of 130 times from 20 distinct sources. 104.207.39.240 was first reported on June 4th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-26 02:04:50 (4 days ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-05-29 16:46:10 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-46.104.207.39.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-46.104.207.39.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 oncord	2026-05-29 09:57:08 (1 month ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-05-24 00:08:49 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-08.104.207.39.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-08.104.207.39.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-21 17:24:14 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-24.104.207.39.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-24.104.207.39.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-19 15:25:23 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-25.104.207.39.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-25.104.207.39.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇫🇮 6kilowatti	2026-05-13 05:04:09 (1 month ago)	104.207.39.240 - - [13/May/2026:08:04:09 +0300] "GET /oh6kw-admin/ HTTP/1.1" 404 60 "https://6kw.fi/ ... show more 104.207.39.240 - - [13/May/2026:08:04:09 +0300] "GET /oh6kw-admin/ HTTP/1.1" 404 60 "https://6kw.fi/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 YaBrowser/26.3.0.0 Safari/537.36" ... show less	Web App Attack
🇸🇮 administrator	2026-05-04 17:04:49 (1 month ago)	2026-04-14 19:24:32,233 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.39.240 2 ... show more 2026-04-14 19:24:32,233 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.39.240 2026-04-14 19:24:32,233 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.39.240 2026-04-14 19:24:32,233 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.39.240 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-04-18 17:32:13 (2 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇺🇸 windowsforum	2026-02-28 18:55:19 (4 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=VioletteTh	Web Spam Bad Web Bot
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇭 backslash	2026-01-19 04:25:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-30 10:59:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:59:04.998674 2025] [security2:error] [pid 15918:tid 15918] [client 104.207.39.240:17243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lazymanvegan.com"] [uri "/.env"] [unique_id "aVOweBAp82S9zfqEruE7RwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:38:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:37:58.795673 2025] [security2:error] [pid 2566013:tid 2566039] [client 104.207.39.240:53973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adultbaja.com"] [uri "/.svn/wc.db"] [unique_id "aVITtppwqS-pohtV-2w5bwAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:01:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:01:32.470721 2025] [security2:error] [pid 18647:tid 18647] [client 104.207.39.240:21709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "verdadesreales.com"] [uri "/.svn/wc.db"] [unique_id "aVILLEzGRDsfrhHQ15hPZgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.149.53.243

🇺🇸 195.184.76.209

🇳🇱 176.65.139.215

🇺🇸 162.216.150.196

🇧🇬 91.191.209.118

🇺🇸 74.207.253.22

🇮🇳 52.140.76.154

🇸🇬 43.160.197.242

🇬🇧 35.203.210.146

🇺🇸 20.163.60.204

🇺🇸 20.84.144.171

🇺🇸 15.204.88.70

🇲🇽 177.227.41.193

🇺🇸 173.239.218.245

🇧🇩 157.119.49.195

🇺🇸 107.5.220.3

🇦🇪 95.182.93.67

🇫🇷 38.242.209.160

🇬🇧 35.203.210.12

🇨🇳 14.103.117.85