JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.195

104.207.40.195 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.195

Whois 104.207.40.195

IP Abuse Reports for 104.207.40.195:

This IP address has been reported a total of 146 times from 21 distinct sources. 104.207.40.195 was first reported on June 6th 2024, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 wlt-blocker	2026-06-27 07:24:50 (11 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇧🇪 cmbplf	2026-06-26 07:40:37 (1 day ago)	205 requests with url.path .git/	Brute-Force Bad Web Bot
🇵🇱 sefinek.net	2025-12-24 06:46:14 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-08 19:59:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 14:59:28.452761 2025] [security2:error] [pid 26917:tid 26917] [client 104.207.40.195:58245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hkaida.com"] [uri "/.svn/wc.db"] [unique_id "aTcuIAw0CsDKL0Mbq9ZTIQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:25:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:25:41.203449 2025] [security2:error] [pid 23568:tid 23568] [client 104.207.40.195:48047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "todi.org"] [uri "/.git/HEAD"] [unique_id "aTWcdSdEoN8GXweGBAwrjAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 19:20:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 14:20:06.243594 2025] [security2:error] [pid 11461:tid 11461] [client 104.207.40.195:32471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "islandsuperbook.net"] [uri "/.git/HEAD"] [unique_id "aTSB5mfwHuUS7NwqUoVPAAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:32:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:31:59.488755 2025] [security2:error] [pid 20050:tid 20050] [client 104.207.40.195:40929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spicymilk.com"] [uri "/.git/HEAD"] [unique_id "aTKYf957vLnKyHc-RHfiSwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:33:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:33:17.502430 2025] [security2:error] [pid 23003:tid 23003] [client 104.207.40.195:13001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-brochures.com"] [uri "/.git/HEAD"] [unique_id "aTJSffbNGBaKmKbdD3EDoAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:03:03 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:02:51.887570 2025] [security2:error] [pid 13941:tid 13978] [client 104.207.40.195:55177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.certifiedprojectmanager.eu"] [uri "/.git/HEAD"] [unique_id "aSQDG_SSVFm8noxFLWxQ7gAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 06:21:35 (7 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 02:57:24 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 21:57:17.683405 2025] [security2:error] [pid 21699:tid 21699] [client 104.207.40.195:48539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.hollorancompanies.com"] [uri "/.env"] [unique_id "aSPJjX7WCS0jW36EXDDEswAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-17 23:22:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 18:22:14.685355 2025] [security2:error] [pid 11706:tid 11706] [client 104.207.40.195:38553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.accordionclub.org"] [uri "/.env"] [unique_id "aRuuJkCVckIhBeN3d4C3xwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 21:04:25 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-07 20:04:33 (7 months ago)	WP Login Scan Activities	Web App Attack
🇧🇷 hostseries	2025-10-25 06:22:48 (8 months ago)	Trigger: LF_DISTATTACK	Brute-Force

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.247.137.55

🇻🇳 45.119.81.245

🇨🇳 223.88.1.161

🇭🇰 223.16.43.171

🇺🇸 138.197.87.21

🇺🇸 71.6.199.23

🇱🇹 62.60.130.219

🇮🇳 59.179.31.237

🇳🇱 45.148.10.147

🇬🇧 35.203.211.80

🇳🇿 222.152.204.164

🇦🇷 186.19.55.92

🇺🇸 162.216.149.177

🇺🇸 162.216.149.48

🇵🇰 153.117.13.103

🇺🇸 147.185.132.157

🇺🇸 147.185.132.114

🇺🇸 147.185.132.99

🇨🇳 125.94.107.91

🇸🇬 104.43.56.65