JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.64

104.207.40.64 was found in our database!

This IP was reported 122 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.64

Whois 104.207.40.64

IP Abuse Reports for 104.207.40.64:

This IP address has been reported a total of 122 times from 10 distinct sources. 104.207.40.64 was first reported on June 5th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-27 13:03:04 (5 months ago)	2025-12-27T15:03:03.420763+02:00 zanati wp(www.sahpa.co.za)[193518]: Blocked authentication attempt ... show more 2025-12-27T15:03:03.420763+02:00 zanati wp(www.sahpa.co.za)[193518]: Blocked authentication attempt for [email protected] from 104.207.40.64 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:13:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:13:15.056065 2025] [security2:error] [pid 30918:tid 30918] [client 104.207.40.64:30337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.grmvrr.com"] [uri "/.env"] [unique_id "aSQTm1unPQzISrU-zED51QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:15:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:15:05.707211 2025] [security2:error] [pid 23557:tid 23557] [client 104.207.40.64:19507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.sierra-broadcasting.com"] [uri "/.svn/wc.db"] [unique_id "aSP36Vcp_enkIN2x7dL8vwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 07:01:09 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇵🇱 sefinek.net	2025-11-17 03:00:37 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-29 14:42:51 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 10:42:43.666715 2025] [security2:error] [pid 15925:tid 15979] [client 104.207.40.64:35205] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|landmarkocchealth.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "landmarkocchealth.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQIn4yDEZRaFN3i3TKF1dgAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-18 06:29:31 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 16:22:30 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 08:21:56 (7 months ago)	GlobalProtect login attempts with user yqb.	VPN IP Brute-Force
Anonymous	2025-10-15 21:09:11 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.15 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-09 08:16:36 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 104.207.40.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 09 04:16:30.374379 2025] [security2:error] [pid 25791:tid 25791] [client 104.207.40.64:35691] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|192.64.150.78:443\|F\|4"] [data "close, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "192.64.150.78"] [uri "/"] [unique_id "aOdvXoPbymWnpv5j3T9dogAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-07 14:14:02 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-05 07:10:56 (8 months ago)	Attempted brute force login to web vpn 27 time(s); last attempt for 2025.10.05 is noted in report ti ... show more Attempted brute force login to web vpn 27 time(s); last attempt for 2025.10.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-27 04:17:46 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.27 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.27 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-07 12:40:14 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 122 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.46

🇧🇷 190.89.246.30

🇺🇸 72.167.50.103

🇩🇪 64.89.163.156

🇱🇹 45.227.254.170

🇸🇳 41.82.50.218

🇨🇳 14.103.123.6

🇧🇪 198.235.24.156

🇩🇪 185.242.3.173

🇱🇾 156.38.42.118

🇮🇩 145.79.14.212

🇨🇳 115.55.53.223

🇧🇩 61.247.188.118

🇩🇪 2a02:4780:3f:1789:0:15da:34e2:1

🇮🇳 2401:4900:8f61:b78:8b:b78e:7c17:5017

🇮🇱 203.159.81.12

🇪🇪 196.245.216.81

🇧🇷 179.176.210.17

🇻🇳 171.231.176.86

🇫🇷 141.95.129.178