JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.215

104.207.40.215 was found in our database!

This IP was reported 151 times. Confidence of Abuse is 27%: ?

27%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.215

Whois 104.207.40.215

IP Abuse Reports for 104.207.40.215:

This IP address has been reported a total of 151 times from 26 distinct sources. 104.207.40.215 was first reported on June 6th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Epimetheus	2026-05-30 15:17:00 (1 week ago)	Unauthorized access attempts: [GET] /sitemap.xml UA: Mozilla/5.0	Web App Attack
🇦🇺 paulshipley.com.au	2026-05-27 23:31:09 (1 week ago)	[Thu May 28 09:31:08.678929 2026] [security2:error] [pid 504721] [client 104.207.40.215:39049] [clie ... show more [Thu May 28 09:31:08.678929 2026] [security2:error] [pid 504721] [client 104.207.40.215:39049] [client 104.207.40.215] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "iaki.com.au"] [uri "/wp-config.php~"] [unique_id "ahd-vMk6tvjymUDLksp5OQAAAAM"] ... show less	Web App Attack
🇪🇸 librebit	2026-05-17 03:47:10 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-05-13 07:01:03 (3 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇸🇪 Juha Jurvanen	2026-05-11 19:59:04 (3 weeks ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
Anonymous	2026-05-10 22:04:39 (3 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇮🇹 [email protected]	2026-04-18 06:33:43 (1 month ago)	[Sat Apr 18 08:33:42.813738 2026] [authz_core:error] [pid 560721:tid 560764] [remote 104.207.40.215: ... show more [Sat Apr 18 08:33:42.813738 2026] [authz_core:error] [pid 560721:tid 560764] [remote 104.207.40.215:23927] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:29:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:29:41.259275 2026] [security2:error] [pid 32629:tid 32754] [client 104.207.40.215:41527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millievelasco.com"] [uri "/.env.save"] [unique_id "aY8nRdOSUObTgb48jp-epAAAAhM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:18:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:18:27.642759 2026] [security2:error] [pid 15988:tid 15988] [client 104.207.40.215:61537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mentalmolecule.com"] [uri "/backup/.git/config"] [unique_id "aY7eUz-CZB4PyvfxBd6JgAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:42:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:42:21.941774 2026] [security2:error] [pid 5439:tid 5439] [client 104.207.40.215:39241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "med-engineering.com"] [uri "/site/.git/config"] [unique_id "aY7HzZiKb64aR0388DerEgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:34:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:33:57.751229 2026] [security2:error] [pid 4793:tid 4793] [client 104.207.40.215:31781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marykaydesign.net"] [uri "/config/.env"] [unique_id "aY6ptRGKDmFgbbyRp5IRpgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:42:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:42:34.801261 2026] [security2:error] [pid 10563:tid 10563] [client 104.207.40.215:33741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mailperform.com"] [uri "/wp/.git/config"] [unique_id "aY6BigmULeE91M8ayOFH2wAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:55 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
Anonymous	2026-02-12 18:02:43 (3 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:43:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:43:54.536297 2026] [security2:error] [pid 73737:tid 73737] [client 104.207.40.215:49159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deandobkin.com"] [uri "/.git/config"] [unique_id "aY31OrrvzzvYbG9SJqvnsgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 151 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:8bf8:9001

🇨🇳 220.203.28.200

🇨🇳 220.181.108.165

🇫🇷 217.172.189.13

🇦🇷 190.244.39.224

🇳🇱 176.65.139.164

🇺🇸 172.190.112.206

🇺🇸 162.216.18.113

🇨🇳 114.66.17.195

🇧🇩 103.114.166.226

🇷🇴 92.118.39.236

🇺🇸 91.193.232.77

🇸🇬 68.183.236.1

🇵🇱 51.75.53.4

🇩🇪 43.228.157.187

🇺🇸 208.84.100.220

🇵🇰 202.47.32.0

🇧🇷 200.196.50.91

🇲🇽 187.140.79.156

🇸🇪 185.246.128.25