JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.74

104.207.40.74 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.74

Whois 104.207.40.74

IP Abuse Reports for 104.207.40.74:

This IP address has been reported a total of 135 times from 19 distinct sources. 104.207.40.74 was first reported on June 19th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇬🇧 killian7603	2026-02-09 08:23:00 (3 months ago)	Multiple attempts to brute-force exploited credential.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-31 00:53:07 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 19:52:49.517655 2025] [security2:error] [pid 5123:tid 5123] [client 104.207.40.74:21859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lsd36.com"] [uri "/.env"] [unique_id "aVRz4cZ0FbcbtK6N58RUbgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:47:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:47:13.415554 2025] [security2:error] [pid 13006:tid 13006] [client 104.207.40.74:47561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "firstunitedreserve.com"] [uri "/.svn/wc.db"] [unique_id "aVJAERTrNYKU4TnULsicugAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:40:56 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:40:49.666097 2025] [security2:error] [pid 8972:tid 8972] [client 104.207.40.74:40887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oscarssons.com"] [uri "/.env"] [unique_id "aVIicdq2DOZhcjQn9JypfgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:16:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:16:09.879476 2025] [security2:error] [pid 8414:tid 8437] [client 104.207.40.74:25179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clearwaterpumpservices.com"] [uri "/.svn/wc.db"] [unique_id "aVIAiVar7c3ONyqKBBW8fgAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2025-12-10 22:14:24 (5 months ago)	Web App Attack	Web App Attack
Anonymous	2025-12-10 17:23:41 (5 months ago)	botnet	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:10:00 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇷 applemooz	2025-11-01 12:11:07 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2025-10-31 19:43:07 (7 months ago)	[redacted] 104.207.40.74 - - [31/Oct/2025:20:42:20 +0100] "POST /xmlrpc.php HTTP/2.0" 200 426 "-" "M ... show more [redacted] 104.207.40.74 - - [31/Oct/2025:20:42:20 +0100] "POST /xmlrpc.php HTTP/2.0" 200 426 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 10_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) GSA/22.0.141836113 Mobile/14C92 Safari/600.1.4" [redacted] 104.207.40.74 - - [31/Oct/2025:20:42:24 +0100] "POST /xmlrpc.php HTTP/2.0" 200 426 "-" "Mozilla/5.0 (Linux; Android 6.0; LG-K350 Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Mobile Safari/537.36" [redacted] 104.207.40.74 - - [31/Oct/2025:20:42:32 +0100] "POST /xmlrpc.php HTTP/2.0" 200 426 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/523.12.2 (KHTML, like Gecko) Version/3.0.4 Safari/523.12.2" [redacted] 104.207.40.74 - - [31/Oct/2025:20:42:33 +0100] "POST /xmlrpc.php HTTP/2.0" 200 426 "-" "Mozilla/5.0 (Linux; Android 6.0; CAM-L03) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.80 Mobile Safari/537.36" ibiza-apartment-kauf ... show less	Hacking Web App Attack
Anonymous	2025-10-30 15:31:51 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 Marc	2025-10-29 21:09:05 (7 months ago)		Brute-Force
Anonymous	2025-10-28 22:00:20 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.28 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.28 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-22 18:58:27 (7 months ago)	Attempted brute force login to web vpn 26 time(s); last attempt for 2025.10.22 is noted in report ti ... show more Attempted brute force login to web vpn 26 time(s); last attempt for 2025.10.22 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.147.19.238

🇺🇸 167.99.13.52

🇺🇸 162.216.150.178

🇩🇪 162.158.95.38

🇩🇪 159.195.21.168

🇬🇧 81.19.219.218

🇺🇸 2602:fb54:1a00::99

🇧🇪 198.235.24.131

🇳🇱 193.176.31.204

🇨🇳 163.0.39.184

🇨🇦 85.217.149.19

🇷🇴 80.94.92.187

🇩🇪 64.89.163.131

🇳🇱 45.148.10.152

🇺🇸 45.130.83.105

🇲🇽 38.210.202.4

🇬🇧 35.203.210.173

🇬🇧 5.226.140.96

🇳🇱 193.176.31.221

🇨🇳 101.126.55.179