JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.161

104.207.40.161 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.161

Whois 104.207.40.161

IP Abuse Reports for 104.207.40.161:

This IP address has been reported a total of 143 times from 11 distinct sources. 104.207.40.161 was first reported on June 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇮🇹 VHosting	2025-12-23 11:24:09 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-26 10:12:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:11:56.702822 2025] [security2:error] [pid 26772:tid 26837] [client 104.207.40.161:48145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.proracersecrets.com"] [uri "/.env"] [unique_id "aSbSbHmAvLO2HMScmBCVRAAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:44:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:44:21.656931 2025] [security2:error] [pid 16934:tid 16983] [client 104.207.40.161:20999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rawhabitat.philacentric.com"] [uri "/.svn/wc.db"] [unique_id "aSahxRKESCEx-WKRVnsskwAAAZM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:32:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:32:27.993620 2025] [security2:error] [pid 898:tid 898] [client 104.207.40.161:13363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.abneyfoundation.org"] [uri "/.svn/wc.db"] [unique_id "aSZmu7ZFtV0gVgVi5b4cowAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:13:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:12:54.071288 2025] [security2:error] [pid 9329:tid 9329] [client 104.207.40.161:18653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.anywheregarden.com"] [uri "/.svn/wc.db"] [unique_id "aSVI5qi47iTxypWx6kdXbwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:14:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:14:22.590559 2025] [security2:error] [pid 13755:tid 13799] [client 104.207.40.161:21331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aiegroup.com"] [uri "/.env"] [unique_id "aSU7LvPKifHcHLquJ66HLQAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:08:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:07:55.719989 2025] [security2:error] [pid 1817001:tid 1817052] [client 104.207.40.161:60975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.cwminstitute.com"] [uri "/.git/HEAD"] [unique_id "aSUrm2R1ttxeyDpsCa9NdgAAAY0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:51:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:51:41.059813 2025] [security2:error] [pid 6326:tid 6326] [client 104.207.40.161:15923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wwts.io"] [uri "/.env"] [unique_id "aSUnzRRhvaigY1hDzx1seAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:57:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:57:35.851679 2025] [security2:error] [pid 15284:tid 15284] [client 104.207.40.161:53193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.123clearmyticket.com"] [uri "/.svn/wc.db"] [unique_id "aSUbHwaZso6dT5CXww-yCgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:38:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:38:07.667658 2025] [security2:error] [pid 29128:tid 29128] [client 104.207.40.161:13667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.asduk.com"] [uri "/.git/HEAD"] [unique_id "aSUWj6N9EYvCJpQytEDHCwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:22:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:21:36.581152 2025] [security2:error] [pid 22831:tid 22831] [client 104.207.40.161:14135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.agapeaccountingllc.com"] [uri "/.env"] [unique_id "aSUSsHnf1S2s8rcWfPfItQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:36:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:36:01.638664 2025] [security2:error] [pid 24531:tid 24531] [client 104.207.40.161:24457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.brenna-droege.com"] [uri "/.svn/wc.db"] [unique_id "aSQnAYJwnjU9tGuciTr7cwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:08:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:08:09.028971 2025] [security2:error] [pid 11470:tid 11470] [client 104.207.40.161:12119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.flugstad.com"] [uri "/.svn/wc.db"] [unique_id "aSQgecyZYZ-bIeeGdLErMgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.182

🇨🇳 180.153.236.15

🇫🇷 85.217.140.39

🇫🇷 85.217.140.22

🇺🇸 216.180.246.186

🇫🇷 85.217.140.53

🇫🇷 85.217.140.40

🇫🇷 85.217.140.2

🇺🇸 64.62.197.214

🇺🇸 34.136.212.158

🇺🇸 18.117.191.173

🇺🇸 3.137.141.198

🇮🇳 2401:4900:883d:c1e8:c9dc:c4ba:441b:4094

🇨🇳 220.202.105.174

🇰🇷 218.234.17.96

🇨🇿 195.250.139.178

🇳🇱 185.242.226.90

🇵🇪 161.132.52.94

🇺🇸 108.179.225.18

🇺🇸 104.243.46.222