JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.196

104.207.40.196 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.196

Whois 104.207.40.196

IP Abuse Reports for 104.207.40.196:

This IP address has been reported a total of 154 times from 23 distinct sources. 104.207.40.196 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 mnsf	2026-02-19 16:05:26 (3 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇦🇺 nzhost.co.nz	2026-02-19 12:32:27 (3 months ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-19 03:20:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:20:32.629598 2026] [security2:error] [pid 572050:tid 572050] [client 104.207.40.196:43491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/frontend/.env"] [unique_id "aZaBgKfvRRyqMpKc4hbODwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 ALPHANET	2026-02-18 22:57:47 (3 months ago)	web exploits	Hacking Exploited Host Web App Attack
🇫🇷 dynamix	2026-02-18 19:58:22 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:57:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:57:27.425800 2026] [security2:error] [pid 6976:tid 6982] [client 104.207.40.196:60693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "touficcorban.com"] [uri "/backend/.env"] [unique_id "aZYZpy0eKVajTgEacMaMjAAAAUM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:18:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:18:31.386768 2026] [security2:error] [pid 1947:tid 1947] [client 104.207.40.196:51153] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title49.com"] [uri "/wp/.git/config"] [unique_id "aZYQh2zQwT8vj3OwNkYq1wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:51:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:50:52.125210 2026] [security2:error] [pid 8000:tid 8000] [client 104.207.40.196:11549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "threewild.com"] [uri "/v2/.git/config"] [unique_id "aZYKDOKSkUawkWsilw0etwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 anotherwatcher	2026-02-18 18:39:59 (3 months ago)	bad bot	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-18 18:32:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:32:18.472864 2026] [security2:error] [pid 27880:tid 27880] [client 104.207.40.196:64051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderingwoods.quest"] [uri "/app/.git/config"] [unique_id "aZYFsvx1dQ-e_Yqif8ulpQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 16:52:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 11:52:46.369887 2026] [security2:error] [pid 25918:tid 25918] [client 104.207.40.196:54415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zacharyschwartzman.com"] [uri "/api/.git/config"] [unique_id "aZXuXtHfqrsLDg4diwuihwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 15:05:54 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:51:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:51:50.517956 2026] [security2:error] [pid 1299580:tid 1299580] [client 104.207.40.196:11979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wooferhound.com"] [uri "/admin/.git/config"] [unique_id "aZXD9gTG9eFLQvm9llPcrAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:13:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:13:28.836070 2026] [security2:error] [pid 27744:tid 27744] [client 104.207.40.196:26033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wies.name"] [uri "/.env"] [unique_id "aZW6-OKt2H-zrifkbqJ9NwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇻 190.150.218.110

🇭🇰 150.5.169.176

🇷🇴 80.94.92.167

🇱🇺 64.89.161.48

🇭🇰 220.246.47.146

🇨🇳 219.157.65.111

🇻🇪 200.75.136.149

🇺🇸 194.62.107.101

🇺🇸 192.142.2.40

🇲🇰 188.44.20.24

🇧🇷 177.191.201.49

🇳🇱 176.65.149.201

🇮🇳 172.253.211.220

🇳🇱 160.119.78.143

🇺🇸 108.178.17.26

🇮🇩 103.157.26.236

🇭🇰 101.36.124.127

🇷🇴 92.118.39.62

🇫🇷 91.231.89.190

🇺🇸 80.97.44.44