JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.84

104.207.40.84 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.84

Whois 104.207.40.84

IP Abuse Reports for 104.207.40.84:

This IP address has been reported a total of 155 times from 22 distinct sources. 104.207.40.84 was first reported on June 12th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ParaBug	2026-04-27 13:55:18 (1 month ago)	104.207.40.84 - - [27/Apr/2026:15:55:18 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/cred ... show more 104.207.40.84 - - [27/Apr/2026:15:55:18 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/credentials HTTP/1.1" 403 440 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 oncord	2026-04-25 11:43:06 (1 month ago)	Form spam	Web Spam
🇦🇺 oncord	2026-04-13 23:03:45 (1 month ago)	Form spam	Web Spam
🇳🇱 homeshowdomain.nl	2026-02-13 22:59:54 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-13	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-13 09:29:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:29:16.859485 2026] [security2:error] [pid 22442:tid 22442] [client 104.207.40.84:60151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mgtofficial.com"] [uri "/.env.local"] [unique_id "aY7u7BbJxQ5yJ5wiIQhP1gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:44:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:44:02.854991 2026] [security2:error] [pid 3489:tid 3489] [client 104.207.40.84:26171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meshbagsandmore.com"] [uri "/dev/.git/config"] [unique_id "aY7kUvgaz1P72GUit-5yZAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:43:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:43:16.692014 2026] [security2:error] [pid 9016:tid 9016] [client 104.207.40.84:62405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medcoarabia.com"] [uri "/.env.production"] [unique_id "aY7IBNx-gH1HWc7zhsHBcAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:38:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:38:00.721556 2026] [security2:error] [pid 2401953:tid 2401953] [client 104.207.40.84:55437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masalamadrid.com"] [uri "/.env.staging"] [unique_id "aY6qqOiO6GaF0dSoa6D_HgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:47:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:47:21.799227 2026] [security2:error] [pid 4667:tid 4667] [client 104.207.40.84:64483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manichri.com"] [uri "/app/.env"] [unique_id "aY6QuXz4UF27Umseg0xUjAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:57:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:57:13.914820 2026] [security2:error] [pid 25831:tid 25831] [client 104.207.40.84:41817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "major33.com"] [uri "/admin/.env"] [unique_id "aY6E-UrRud6MzyNlDezITQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:56:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:56:47.882205 2026] [security2:error] [pid 15572:tid 15572] [client 104.207.40.84:12943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "generationedm.com"] [uri "/.git/config"] [unique_id "aY4wfyO5FCRvuhyajaE6HQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:07:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:07:27.579050 2026] [security2:error] [pid 4249:tid 4249] [client 104.207.40.84:28323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customprintedinvitations.com"] [uri "/.env"] [unique_id "aY4Iz6gnqogiSJWn4rba0wAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:26:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:26:09.249769 2026] [security2:error] [pid 32766:tid 349] [client 104.207.40.84:34221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drronaldhecker.com"] [uri "/.git/config"] [unique_id "aY3_IXC14W-IsrSE4E7qkgAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-12 15:43:59 (3 months ago)	Try to access /.git/config	Web App Attack
🇦🇺 oncord	2026-01-28 06:32:00 (4 months ago)	Form spam	Web Spam

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.92.186

🇫🇮 2a09:bac1:2540:8::48e:6

🇲🇽 187.190.35.163

🇺🇸 162.216.150.46

🇬🇧 118.26.104.78

🇺🇸 67.169.98.210

🇫🇷 51.159.149.103

🇺🇸 34.148.68.86

🇮🇳 165.140.164.99

🇺🇸 130.131.162.246

🇮🇩 34.50.121.225

🇪🇨 186.68.83.105

🇨🇴 179.33.186.150

🇳🇱 172.211.56.214

🇺🇸 147.185.132.0

🇨🇴 190.66.55.44

🇨🇳 115.190.63.151

🇹🇼 111.70.29.158

🇩🇪 82.165.15.106

🇳🇱 45.148.10.152