JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.134

104.207.40.134 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.134

Whois 104.207.40.134

IP Abuse Reports for 104.207.40.134:

This IP address has been reported a total of 154 times from 27 distinct sources. 104.207.40.134 was first reported on June 8th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ParaBug	2026-05-30 01:24:41 (1 week ago)	104.207.40.134 - - [30/May/2026:03:24:40 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/cre ... show more 104.207.40.134 - - [30/May/2026:03:24:40 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/credentials HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" ... show less	Phishing Brute-Force Web App Attack
🇳🇱 MatStef132	2026-05-19 20:59:02 (2 weeks ago)	MatShield L7: blocked on dstat.selify.io (click-id-direct-nav)	DDoS Attack
🇫🇷 MatStef132	2026-05-15 15:39:09 (3 weeks ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇳🇱 MatStef132	2026-05-15 13:29:59 (3 weeks ago)	MatShield L7 blocked request to fivemtest.mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (3 weeks ago)	[mathost.eu] clic	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:20 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?utm_term=1777391060465565072 Host: elhacker.ne ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?utm_term=1777391060465565072 Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.130 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: US Method: GET Timestamp: 2026-04-28T15:44:20Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇬🇧 relianoid.com	2026-03-21 01:28:57 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-02-15 11:52:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:52:54.918021 2026] [security2:error] [pid 25273:tid 25273] [client 104.207.40.134:17629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sergioaurell.com"] [uri "/.env.save"] [unique_id "aZGzlqmgB4uo6UJTI-gAcAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 11:23:48 (3 months ago)	104.207.40.134 - - [15/Feb/2026:11:23:41 +0000] "GET /.env HTTP/1.1" 302 622 "-" "Mozilla/5.0 (Windo ... show more 104.207.40.134 - - [15/Feb/2026:11:23:41 +0000] "GET /.env HTTP/1.1" 302 622 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:18:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:18:53.274668 2026] [security2:error] [pid 23094:tid 23094] [client 104.207.40.134:64971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sellingcarshandbook.com"] [uri "/admin/.env"] [unique_id "aZGrnd6ZjfvtotRSPVLx5AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:58:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:58:51.200875 2026] [security2:error] [pid 22540:tid 22540] [client 104.207.40.134:29451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "osmanbozkurt.com"] [uri "/site/.git/config"] [unique_id "aZGm666Ixi96GzJJarBIgwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:53:54 (3 months ago)	Try to access /v2/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:26:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:26:13.841109 2026] [security2:error] [pid 9579:tid 9579] [client 104.207.40.134:41649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savoiapower.com"] [uri "/site/.git/config"] [unique_id "aZFY9UTMIWeTd0LhK7pAeQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-02-15 05:23:49 (3 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 104.207.40.134 - - [15/Feb/2026:0 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 104.207.40.134 - - [15/Feb/2026:05:23:47 +0000] GET /app/.git/config HTTP/1.1 403 213 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.171.208.232

🇩🇪 167.94.145.19

🇺🇸 52.176.211.73

🇺🇸 20.83.167.20

🇨🇳 14.103.118.186

🇺🇦 213.109.226.18

🇳🇱 204.76.203.219

🇪🇬 197.44.15.210

🇩🇪 176.65.132.17

🇺🇸 167.99.100.244

🇸🇬 152.32.218.149

🇵🇭 136.158.41.65

🇨🇳 121.199.161.156

🇨🇳 119.255.245.44

🇺🇸 108.188.78.84

🇨🇦 104.223.84.94

🇺🇸 74.125.77.205

🇺🇸 64.62.156.80

🇱🇹 62.60.130.59

🇮🇪 54.170.91.100