JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.217

104.207.40.217 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.217

Whois 104.207.40.217

IP Abuse Reports for 104.207.40.217:

This IP address has been reported a total of 146 times from 18 distinct sources. 104.207.40.217 was first reported on June 8th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-10 20:09:25 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-08 23:59:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 18:59:36.576427 2025] [security2:error] [pid 28104:tid 28104] [client 104.207.40.217:52479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dutchgreenrecycling.com"] [uri "/.env"] [unique_id "aTdmaH-0rCrfOaLndgoYqwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 15:45:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 10:45:44.442382 2025] [security2:error] [pid 27202:tid 27202] [client 104.207.40.217:13425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rcrgalicia.com"] [uri "/.svn/wc.db"] [unique_id "aTbyqE5_X7wwdue1B31I1QAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-08 00:04:19 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-07 14:51:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:51:01.202991 2025] [security2:error] [pid 23697:tid 23697] [client 104.207.40.217:41615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roadtosalvation.org"] [uri "/.svn/wc.db"] [unique_id "aTWUVU3Y3TOTqf3w8TjBswAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2025-12-06 19:14:03 (6 months ago)	/.aws/credentials	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:59:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:59:05.624558 2025] [security2:error] [pid 6963:tid 6963] [client 104.207.40.217:35789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peazy.net"] [uri "/.svn/wc.db"] [unique_id "aTQ2qcqwgSyLbgHYyjqusgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:17:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:17:27.511012 2025] [security2:error] [pid 9405:tid 9405] [client 104.207.40.217:35459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuch.net"] [uri "/.git/HEAD"] [unique_id "aTQQxyqmjvXhWCUoUooDEQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:47:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:47:01.133218 2025] [security2:error] [pid 12903:tid 12903] [client 104.207.40.217:39315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marketask.com"] [uri "/.git/HEAD"] [unique_id "aTLGNeHaLbTorH7OOTu6BQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:41:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:41:22.872635 2025] [security2:error] [pid 8206:tid 8206] [client 104.207.40.217:15379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibcnu.com"] [uri "/.git/HEAD"] [unique_id "aTJUYsrDue2U1OZ8Nsu8nAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2025-11-22 09:41:36 (6 months ago)	2025-11-22 @ 10:41:36 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
Anonymous	2025-10-19 00:46:00 (7 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 19:52:56 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.18 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 22:51:56 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 10:34:10 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.68

🇧🇴 190.181.44.194

🇪🇸 79.116.186.31

🇬🇧 35.203.210.140

🇺🇸 20.14.73.62

🇨🇳 119.249.100.114

🇺🇸 103.143.11.150

🇩🇪 69.5.169.151

🇺🇸 54.209.100.30

🇧🇷 189.113.47.155

🇳🇱 185.224.128.16

🇨🇦 185.92.26.69

🇰🇷 182.210.76.170

🇹🇭 118.27.146.111

🇧🇬 79.124.58.142

🇨🇴 69.6.234.27

🇺🇸 38.148.20.98

🇷🇴 2.57.121.25

🇧🇪 198.235.24.245

🇺🇸 173.194.103.167