JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.246

104.207.40.246 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.246

Whois 104.207.40.246

IP Abuse Reports for 104.207.40.246:

This IP address has been reported a total of 154 times from 24 distinct sources. 104.207.40.246 was first reported on June 21st 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 06:16:39 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-04-05 09:00:16 (2 months ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-03-29 03:48:00 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-47.104.207.40.246.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-47.104.207.40.246.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 oncord	2026-03-26 21:07:13 (2 months ago)	Form spam	Web Spam
🇬🇧 relianoid.com	2026-03-25 10:00:37 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇪🇸 librebit	2026-03-24 06:18:18 (2 months ago)	Brute force	Brute-Force
Anonymous	2026-03-08 01:44:28 (3 months ago)	Forum/form spam	Web Spam
🇬🇧 openstrike.co.uk	2026-02-19 06:13:40 (3 months ago)	23 attacks on VC URLs, env grabbing URLs, password grabbing URLs: GET /new/.git/config HTTP/1.1 GET ... show more 23 attacks on VC URLs, env grabbing URLs, password grabbing URLs: GET /new/.git/config HTTP/1.1 GET /config/.env HTTP/1.1 GET /.aws/credentials HTTP/1.1 show less	Hacking
🇺🇸 TPI-Abuse	2026-02-19 05:18:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:18:57.056919 2026] [security2:error] [pid 12048:tid 12048] [client 104.207.40.246:18201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kreweofhyatt.com"] [uri "/admin/.env"] [unique_id "aZadQYgmQee2pfRCe8Fx6wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 04:46:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:45:59.875289 2026] [security2:error] [pid 23814:tid 23814] [client 104.207.40.246:9261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kofcasamblea442.org"] [uri "/api/.git/config"] [unique_id "aZaVh4te8Td6YE0LoftvPAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:26:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:26:37.125737 2026] [security2:error] [pid 19848:tid 19848] [client 104.207.40.246:47707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "volollc.com"] [uri "/app/.env"] [unique_id "aZZYver3YOPLXEKhyZ6ENQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:34:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:33:58.779509 2026] [security2:error] [pid 16510:tid 16510] [client 104.207.40.246:39335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhitedfamily.com"] [uri "/wp/.git/config"] [unique_id "aZYGFh5qQkjmHxdDXFYIwAAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:48:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:48:03.217679 2026] [security2:error] [pid 5412:tid 5412] [client 104.207.40.246:41563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wandcompany.com"] [uri "/admin/.git/config"] [unique_id "aZWm8yratH7CgDxfYVoSdQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 windowsforum	2026-02-14 04:22:19 (3 months ago)	Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, ... show more Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, url, password_confirm, username=ValeriaFla show less	Web Spam Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-12 06:29:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 01:29:00.247948 2026] [security2:error] [pid 24941:tid 24941] [client 104.207.40.246:15845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artsun.com"] [uri "/v2/.git/config"] [unique_id "aY1zLAzn355ttSCVOqRzLgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 103.187.146.107

🇩🇪 69.5.169.81

🇧🇪 34.78.175.138

🇺🇸 208.84.100.11

🇵🇦 200.46.177.242

🇷🇺 178.176.165.122

🇺🇸 138.113.23.170

🇸🇪 78.109.16.247

🇺🇸 47.77.227.236

🇧🇪 34.53.252.181

🇻🇳 123.20.250.53

🇺🇸 65.49.1.208

🇺🇸 64.62.156.110

🇫🇷 62.171.168.158

🇭🇰 58.152.111.179

🇩🇪 47.254.150.185

🇦🇷 45.162.20.154

🇳🇱 45.148.10.147

🇧🇪 35.241.166.201

🇧🇪 34.53.176.92