JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.54

104.207.40.54 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.54

Whois 104.207.40.54

IP Abuse Reports for 104.207.40.54:

This IP address has been reported a total of 154 times from 18 distinct sources. 104.207.40.54 was first reported on June 8th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-04-21 01:03:13 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇹 [email protected]	2026-04-17 23:05:33 (1 month ago)	[Sat Apr 18 01:05:32.242781 2026] [authz_core:error] [pid 560720:tid 560785] [remote 104.207.40.54:4 ... show more [Sat Apr 18 01:05:32.242781 2026] [authz_core:error] [pid 560720:tid 560785] [remote 104.207.40.54:48009] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-02 19:13:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 14:13:29.362855 2026] [security2:error] [pid 18935:tid 18935] [client 104.207.40.54:18351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kiinlog.com"] [uri "/.git/HEAD"] [unique_id "aVgY2ZWyXdDkg0RiYzgZAgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:04:14 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:04:06.902677 2025] [security2:error] [pid 21534:tid 21534] [client 104.207.40.54:31085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khovanov.com"] [uri "/.git/HEAD"] [unique_id "aVI19qMvgyCdRWyNNioPbgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:52:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:52:41.894722 2025] [security2:error] [pid 9744:tid 9744] [client 104.207.40.54:18793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lindaporcello.com"] [uri "/.svn/wc.db"] [unique_id "aVIlOQZKEmVerO_dt9SidAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:09:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:09:30.665609 2025] [security2:error] [pid 15020:tid 15020] [client 104.207.40.54:52323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "enchantmenttours.com"] [uri "/.git/HEAD"] [unique_id "aVIbGh6Bp9OjTNWjO3FGOQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:07:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:07:17.691009 2025] [security2:error] [pid 20157:tid 20157] [client 104.207.40.54:54075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citywidereo.com"] [uri "/.svn/wc.db"] [unique_id "aVIMhW_L5D2MuzXY5SXpXwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:29:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:29:41.777390 2025] [security2:error] [pid 14399:tid 14399] [client 104.207.40.54:15723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stinsonbeachsurfandkayak.com"] [uri "/.git/HEAD"] [unique_id "aVIDtX60hQhhkG2iMWa3CQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 01:00:28 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇩🇪 botreporter	2025-12-01 14:05:37 (6 months ago)	botnet ignoring robots.txt	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:58 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 06:02:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:02:27.934735 2025] [security2:error] [pid 21510:tid 21510] [client 104.207.40.54:52975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alisha-vijay.com"] [uri "/.git/HEAD"] [unique_id "aSP08xBxB6qZjWkTIzsdVAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:28:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:28:49.021311 2025] [security2:error] [pid 5008:tid 5008] [client 104.207.40.54:15723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.downloadsanddeals.com"] [uri "/.git/HEAD"] [unique_id "aSPfAWb7EGfB_kv0znq6xgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:11:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:11:30.428546 2025] [security2:error] [pid 24111:tid 24111] [client 104.207.40.54:13719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.title28.com"] [uri "/.env"] [unique_id "aSPa8iHcKjnsvatwkK-TRQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.145.23

🇺🇸 162.216.149.29

🇨🇳 120.48.90.166

🇧🇷 205.210.31.233

🇦🇷 190.183.76.117

🇩🇪 164.92.194.37

🇺🇸 147.185.132.119

🇺🇸 147.185.132.17

🇨🇳 115.190.156.119

🇷🇴 109.100.14.222

🇺🇸 107.155.48.84

🇮🇷 95.38.235.47

🇧🇬 79.124.62.134

🇫🇷 79.90.161.136

🇧🇬 78.128.112.6

🇺🇸 66.132.195.49

🇳🇱 45.153.34.112

🇮🇷 5.75.79.73

🇺🇸 52.165.81.253

🇱🇹 45.227.254.170