JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.222

104.207.40.222 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.222

Whois 104.207.40.222

IP Abuse Reports for 104.207.40.222:

This IP address has been reported a total of 138 times from 21 distinct sources. 104.207.40.222 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-16 02:23:03 (3 months ago)	Brute force	Brute-Force
🇩🇪 kranem	2026-02-25 06:02:29 (3 months ago)	Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/ ... show more Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: /auth/login Timestamp: 2026-02-25T04:53:15Z User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15 show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:55 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:34:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:34:53.798341 2025] [security2:error] [pid 24525:tid 24525] [client 104.207.40.222:34131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.grannyswash.kunzteam.com"] [uri "/.svn/wc.db"] [unique_id "aSbl3Qe9sehFSyTENyodggAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 10:09:33 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:07:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:06:57.436230 2025] [security2:error] [pid 20119:tid 20119] [client 104.207.40.222:24335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.whateverhappenedto.xyz"] [uri "/.svn/wc.db"] [unique_id "aSbRQeEm3qrkx3xk24CNdAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:57:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:57:17.590631 2025] [security2:error] [pid 8949:tid 8949] [client 104.207.40.222:41089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.integratic.com.co"] [uri "/.svn/wc.db"] [unique_id "aSaWvf6ainPZ-dte8QhwkgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:00:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:59:57.266029 2025] [security2:error] [pid 11563:tid 11563] [client 104.207.40.222:50183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.chefsuepong.com"] [uri "/.svn/wc.db"] [unique_id "aSZtLbXp0E772y96UTOXXwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:52:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:52:31.827671 2025] [security2:error] [pid 24000:tid 24000] [client 104.207.40.222:10617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pulsepowermeter.rotarymagnetics.com"] [uri "/.svn/wc.db"] [unique_id "aSZdXwMa9WtcteMvb8u_bAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:26:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:26:35.102160 2025] [security2:error] [pid 21659:tid 21659] [client 104.207.40.222:46365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bb103.us"] [uri "/.git/HEAD"] [unique_id "aSZXS2WvdBxPbKGP_A1JDAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:36:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:36:42.962098 2025] [security2:error] [pid 28660:tid 28660] [client 104.207.40.222:14219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rivervalleyhome.com"] [uri "/.env"] [unique_id "aST6GjXKauDY8dKF9SRQxwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 14:57:03 (6 months ago)	Honey Pot Hit / Attack Vector found!	Port Scan Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:38:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:38:45.214735 2025] [security2:error] [pid 22713:tid 22713] [client 104.207.40.222:14117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prospects.caribbeancoders.com"] [uri "/.env"] [unique_id "aSQnpcUYdlE3Ol3iTcbiXwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 20:34:47 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 fbarela	2025-11-07 23:00:46 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇺 170.64.217.238

🇸🇬 103.250.10.18

🇫🇷 83.113.106.159

🇨🇳 59.38.64.124

🇧🇷 205.210.31.147

🇪🇨 186.68.83.104

🇮🇶 169.224.2.179

🇸🇬 118.26.111.107

🇬🇧 89.37.172.150

🇫🇷 88.188.28.219

🇳🇱 45.153.34.181

🇧🇷 206.42.45.113

🇹🇭 118.194.251.17

🇮🇳 115.98.235.114

🇷🇴 80.94.92.164

🇷🇺 45.91.64.7

🇺🇸 44.223.193.255

🇦🇺 118.102.93.109

🇪🇸 85.87.4.16

🇳🇱 45.148.10.152