JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.218

104.207.40.218 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.218

Whois 104.207.40.218

IP Abuse Reports for 104.207.40.218:

This IP address has been reported a total of 142 times from 20 distinct sources. 104.207.40.218 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-03-26 14:29:34 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.40.218 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.40.218 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-23 19:03:46 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇮🇹 VHosting	2025-12-22 23:37:32 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-02 20:35:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:35:02.713622 2025] [security2:error] [pid 22092:tid 22092] [client 104.207.40.218:41403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cs-mall.com"] [uri "/.git/HEAD"] [unique_id "aS9Ndj6tj_QRdhApjrnL9AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:45:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:45:25.236049 2025] [security2:error] [pid 29167:tid 29167] [client 104.207.40.218:22845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "themediaplanet.com"] [uri "/.svn/wc.db"] [unique_id "aS9B1daGqzEgnHYpDse9mAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:45:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:45:07.382625 2025] [security2:error] [pid 30986:tid 30986] [client 104.207.40.218:25953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modalsoftware.com"] [uri "/.svn/wc.db"] [unique_id "aS8lo6i5gY0sTpHCOMRNpwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:19:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:19:13.234670 2025] [security2:error] [pid 9206:tid 9206] [client 104.207.40.218:20903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "capriexpress.com"] [uri "/.svn/wc.db"] [unique_id "aS7ZQZ_xTdVn2qkbK4vIVwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-02 05:58:31 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-02 05:33:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:33:51.946067 2025] [security2:error] [pid 19443:tid 19468] [client 104.207.40.218:12489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sparkhypnotherapy.com"] [uri "/.env"] [unique_id "aS56PzufS__gaNU5_bPOSgAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:18:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:18:25.868700 2025] [security2:error] [pid 4093:tid 4093] [client 104.207.40.218:32297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pundtlaw.com"] [uri "/.env"] [unique_id "aS52odUl5Ahbe7gODl_lGQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:43:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:42:54.653173 2025] [security2:error] [pid 16426:tid 16426] [client 104.207.40.218:47285] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmachininginc.com"] [uri "/.env"] [unique_id "aS5uTlv5juH7TxvR-0OAvAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 00:31:10 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-25 00:59:29 (7 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2025-10-18 05:58:06 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 118.193.61.170

🇹🇭 61.7.159.134

🇳🇱 45.148.10.121

🇨🇳 118.145.237.236

🇨🇦 57.134.215.133

🇳🇱 45.128.199.185

🇹🇳 41.228.240.206

🇨🇳 202.46.62.11

🇲🇦 160.177.249.65

🇯🇵 119.150.216.7

🇮🇩 112.78.133.162

🇰🇷 58.224.62.29

🇮🇳 38.137.59.10

🇹🇷 31.145.114.35

🇺🇸 2607:f8b0:4001:c34::123

🇺🇸 217.216.84.206

🇺🇸 205.210.31.102

🇹🇼 198.235.24.48

🇨🇱 190.5.34.185

🇹🇳 154.110.4.241