JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.81

104.207.40.81 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.81

Whois 104.207.40.81

IP Abuse Reports for 104.207.40.81:

This IP address has been reported a total of 126 times from 15 distinct sources. 104.207.40.81 was first reported on June 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-05-14 20:00:49 (3 weeks ago)	(From [email protected]) Hi Mathes Family Chiropractic, I wanted to bump this in ca ... show more (From [email protected]) Hi Mathes Family Chiropractic, I wanted to bump this in case you missed it — I built an AI agent just for Mathes Family Chiropractic, trained on your website, Google info, and everything I could find. It’s ready to answer customer questions, book appointments, and even follow up automatically. On average, our agents help increase leads by 17% without any work needed on your part. Again, this isn’t a pitch — just 20 minutes to test-drive your new AI employee. Here’s the link to book a time: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇬🇧 PeravixGroup	2026-05-12 08:48:42 (4 weeks ago)	Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran. ... show more Honeypot detection: FTP brute-force or anonymous access attempt on port 21. Severity: MEDIUM. Aaran.cloud show less	FTP Brute-Force Brute-Force
🇨🇳 ThreatBook.io	2026-05-12 00:28:51 (4 weeks ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/104.207.40.81 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/104.207.40.81 2026-05-11 09:41:35 / 2026-05-11 10:02:52 / show less	Web App Attack
🇨🇭 4server	2026-04-15 23:41:40 (1 month ago)	[ThuApr1601:41:36.2099272026][security2:error][pid2339455:tid2339460][client104.207.40.81:0]ModSecur ... show more [ThuApr1601:41:36.2099272026][security2:error][pid2339455:tid2339460][client104.207.40.81:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"345\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"aeAiMFhM-yVQLI30UQehcwAAAIM\"] show less	Hacking Web App Attack
🇩🇪 F242	2026-01-30 05:33:19 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 myagent.site	2026-01-17 08:23:02 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-16 22:29:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 17:29:12.493963 2026] [security2:error] [pid 11547:tid 11547] [client 104.207.40.81:42129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.madbanana.com"] [uri "/.env"] [unique_id "aWq7uApskkK3IO3nYLMqmQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 05:20:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 00:20:32.436588 2026] [security2:error] [pid 24755:tid 24755] [client 104.207.40.81:55301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailorbandido.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aWnKoL4R1eUOBONi4ZvBIQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-10 08:54:52 (4 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 04:11:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:10:57.813684 2025] [security2:error] [pid 3201:tid 3201] [client 104.207.40.81:52439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.americancryonics.org"] [uri "/.git/HEAD"] [unique_id "aSUsUfn3quqzuyt0qRbqvwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:00:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:00:44.551627 2025] [security2:error] [pid 21220:tid 21220] [client 104.207.40.81:23819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.blaslandsporthorses.com"] [uri "/.svn/wc.db"] [unique_id "aSUb3DtOSWqqiEPjVF-i4gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:20:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:17:37.112864 2025] [security2:error] [pid 26670:tid 26670] [client 104.207.40.81:52411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.amywoodruff.com"] [uri "/.git/HEAD"] [unique_id "aST1oShm8tyNe8AmnXpAVwAAADg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-16 22:57:14 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-07 19:32:25 (8 months ago)	Attempted brute force login to web vpn 81 time(s); last attempt for 2025.10.07 is noted in report ti ... show more Attempted brute force login to web vpn 81 time(s); last attempt for 2025.10.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-01 10:51:10 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.01 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.01 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 217.217.248.93

🇩🇪 213.209.159.175

🇨🇭 209.99.185.195

🇧🇷 205.210.31.246

🇧🇷 205.210.31.195

🇹🇭 203.148.243.244

🇯🇵 203.25.124.241

🇵🇱 194.180.49.216

🇫🇷 185.177.72.69

🇺🇸 172.183.132.70

🇮🇩 157.20.244.111

🇨🇳 125.76.228.194

🇮🇳 125.19.183.202

🇸🇬 109.123.237.36

🇧🇩 103.187.68.172

🇮🇩 103.76.109.243

🇧🇬 95.181.236.87

🇺🇦 91.219.81.157

🇬🇧 87.236.176.251

🇬🇧 87.236.176.241