JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.40

104.207.39.40 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.40

Whois 104.207.39.40

IP Abuse Reports for 104.207.39.40:

This IP address has been reported a total of 145 times from 22 distinct sources. 104.207.39.40 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-27 11:39:03 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇦🇺 MAGIC	2026-03-12 03:25:31 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇷 SOC Blue Team	2026-01-16 17:48:25 (5 months ago)	Tatic: TA0006 \| Technique: T1110 \| Source: TAP \| Country Destination: BR	Brute-Force
Anonymous	2026-01-15 05:57:40 (5 months ago)	Forum/form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:56 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 10dencehispahard SL	2025-12-29 11:00:38 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-22 15:57:38 (6 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.22 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.22 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-15 19:55:41 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 07:31:57 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:31:51.918318 2025] [security2:error] [pid 3028:tid 3028] [client 104.207.39.40:23953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thinkingepic.com"] [uri "/.env"] [unique_id "aSQJ5-QttdxT3u7tYx3g1AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:42:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:42:09.515071 2025] [security2:error] [pid 16676:tid 16676] [client 104.207.39.40:56847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.twinls.com"] [uri "/.env"] [unique_id "aSP-QbNVVIjnexZJ3w8gNgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:55:52 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:55:35.687843 2025] [security2:error] [pid 3258776:tid 3258776] [client 104.207.39.40:19277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4pginc1.iyp-home.com"] [uri "/.env"] [unique_id "aSPXN_f8v6nBMM2WQxoEHwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:20:37 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:20:30.603128 2025] [security2:error] [pid 3356:tid 3356] [client 104.207.39.40:58927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proyectos.gabosoftware.com"] [uri "/.git/HEAD"] [unique_id "aSPO_qIRs_3T8-_W5mxRIQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-17 03:14:39 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 22:14:35.914855 2025] [security2:error] [pid 300:tid 300] [client 104.207.39.40:45343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.caringforwomenlq.com"] [uri "/.env"] [unique_id "aRqTG9Z9vLDTmXsZzjm4vgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:24:24 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.73.109.194

🇩🇴 179.53.250.243

🇨🇳 111.9.22.102

🇫🇷 90.63.199.41

🇺🇸 45.92.229.99

🇨🇴 190.71.163.185

🇨🇴 181.129.41.162

🇰🇷 121.181.127.160

🇺🇸 71.6.238.194

🇺🇸 69.164.217.245

🇭🇰 61.244.180.62

🇨🇦 20.63.59.142

🇯🇵 8.216.3.63

🇷🇴 193.32.162.84

🇲🇽 187.251.123.104

🇺🇸 172.212.174.123

🇭🇰 152.32.239.90

🇺🇸 103.203.57.4

🇫🇷 91.231.89.136

🇭🇰 45.192.192.135