JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.248

104.207.40.248 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.248

Whois 104.207.40.248

IP Abuse Reports for 104.207.40.248:

This IP address has been reported a total of 140 times from 21 distinct sources. 104.207.40.248 was first reported on June 19th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇮🇩 BPS-StatisticsIndonesia	2026-03-04 19:00:38 (3 months ago)	WP Login Scan Activities: "2026-03-05T02:00:38.095+07:00" "/wp-login.php" "104.207.40.248" "Mozilla/ ... show more WP Login Scan Activities: "2026-03-05T02:00:38.095+07:00" "/wp-login.php" "104.207.40.248" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Web App Attack
🇺🇸 mnsf	2026-02-13 14:06:11 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇳🇱 MM-bot	2026-02-13 13:31:57 (3 months ago)	URL-probe: HTTP/1.1 GET request on /config/.env (2026-02-13 14:31:57 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:17:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:17:35.145142 2026] [security2:error] [pid 3029:tid 3029] [client 104.207.40.248:47225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lawrencehale.net"] [uri "/app/.env"] [unique_id "aY8kb-dy7yhRShoWLFfLKgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:00:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:00:30.410398 2026] [security2:error] [pid 28173:tid 28173] [client 104.207.40.248:47819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mightyhoop.com"] [uri "/.env.staging"] [unique_id "aY8gbgy_QJLoORX-QngpfgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:39:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:39:08.626549 2026] [security2:error] [pid 7199:tid 7299] [client 104.207.40.248:42241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lasertagandgames.com"] [uri "/backend/.env"] [unique_id "aY8bbKD2klrFGs5qcSYtPgAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 04:33:35 (3 months ago)	Blocking for trying to access an exploit file: /dev/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-13 03:42:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:42:11.077715 2026] [security2:error] [pid 3190:tid 3207] [client 104.207.40.248:37477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.info"] [uri "/v2/.git/config"] [unique_id "aY6dk_b4CmTCRsawBB7GxAAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:05:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:05:12.071419 2026] [security2:error] [pid 2006206:tid 2006206] [client 104.207.40.248:13869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonworkshopwest.com"] [uri "/config/.env"] [unique_id "aY54yMeeJ1mqxgKnB9vaTwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 20:14:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:14:43.566565 2026] [security2:error] [pid 8392:tid 8392] [client 104.207.40.248:25053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilanknapp.com"] [uri "/.git/config"] [unique_id "aY40s-Podi3iLDCKO4wVRQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:44:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:44:14.488355 2026] [security2:error] [pid 1064810:tid 1064880] [client 104.207.40.248:45571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "conservativedemocrat.com"] [uri "/.env"] [unique_id "aY4DXpmBkH5dhoNqV1gdLQAAAgs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:47:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:47:06.074092 2026] [security2:error] [pid 23154:tid 23154] [client 104.207.40.248:22151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deharrisassoc.com"] [uri "/.git/config"] [unique_id "aY31-jtQLm7ymZlQw-b56AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 04:58:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 23:58:05.712966 2026] [security2:error] [pid 10520:tid 10520] [client 104.207.40.248:18333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxztrader.com"] [uri "/frontend/.env"] [unique_id "aYwMXbAQm79N2JkKjkgKcQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 207.180.229.239

🇭🇰 199.45.154.184

🇨🇳 183.191.30.174

🇧🇷 178.92.205.94

🇭🇰 152.32.135.135

🇻🇳 14.182.9.71

🇺🇸 2604:a880:400:d1:0:4:8c06:8001

🇹🇼 198.235.24.60

🇫🇷 176.191.43.176

🇸🇬 159.65.2.17

🇯🇵 139.162.70.53

🇩🇪 128.1.34.69

🇨🇳 118.145.157.37

🇨🇳 116.178.129.193

🇨🇳 106.117.114.203

🇨🇳 101.126.22.12

🇬🇧 94.156.250.197

🇺🇸 20.163.15.124

🇨🇳 220.197.78.186

🇧🇷 178.92.205.149