JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.96

104.207.40.96 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.96

Whois 104.207.40.96

IP Abuse Reports for 104.207.40.96:

This IP address has been reported a total of 146 times from 21 distinct sources. 104.207.40.96 was first reported on June 8th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-04-22 17:54:24 (1 month ago)	(From [email protected]) Hi Perline Chiropractic, I’ve built and trained an AI employee ... show more (From [email protected]) Hi Perline Chiropractic, I’ve built and trained an AI employee specifically for Perline Chiropractic. It’s already been trained on 6+ hours worth of your publicly available data — your website, Google Business Profile, and more. It knows how to answer customer questions, capture leads, and even follow up — just like a team member would. This isn’t a sales call. It’s a 20-minute demo where you can actually interact with the AI employee and see what it can do. Would today or tomorrow work for a quick walkthrough? Schedule a time on my calendar to meet the agent I trained for you and see what she can do here: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2026-02-12 02:20:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:20:23.477339 2026] [security2:error] [pid 28134:tid 28134] [client 104.207.40.96:39859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1214productions.com"] [uri "/dev/.git/config"] [unique_id "aY045wxr9n2y8r-ehsVKOQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 20:11:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:11:33.015148 2026] [security2:error] [pid 11994:tid 11994] [client 104.207.40.96:23511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "architx.com"] [uri "/admin/.env"] [unique_id "aYzidQGc-vACDdUFdfYfIgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 17:44:50 (4 months ago)	Blocking for trying to access an exploit file: /config/.env	Hacking
🇳🇱 ReporTR	2026-02-10 09:39:35 (4 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇮🇩 Burayot	2026-02-10 06:42:53 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.40.96 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.40.96 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:28:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:28:33.455059 2026] [security2:error] [pid 8416:tid 8416] [client 104.207.40.96:34987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandplumbing.ca"] [uri "/test/.git/config"] [unique_id "aYql4fCwaog3OAAWU6Wn2AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:50:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:50:30.958090 2026] [security2:error] [pid 1396287:tid 1396287] [client 104.207.40.96:9391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonworkshopwest.com"] [uri "/v2/.git/config"] [unique_id "aYqc9jjyg1KTewXhGcNVRQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:35:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:35:32.127260 2026] [security2:error] [pid 7899:tid 7899] [client 104.207.40.96:33253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinjewell.com"] [uri "/app/.git/config"] [unique_id "aYp9VOB2cBJdacr5ZAt82wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:29:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:28:57.153311 2026] [security2:error] [pid 30000:tid 30000] [client 104.207.40.96:15709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithwillwynne.com"] [uri "/backend/.env"] [unique_id "aYptuUp8a2VoA0RQMA_kugAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:56:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:56:35.757167 2026] [security2:error] [pid 937968:tid 937980] [client 104.207.40.96:49697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howilearnedtodanceintherain.com"] [uri "/test/.git/config"] [unique_id "aYpmI6whT4RZ6FzCjF2LFgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:16:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:16:32.677583 2026] [security2:error] [pid 13426:tid 13426] [client 104.207.40.96:26919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hometechllc.com"] [uri "/v2/.git/config"] [unique_id "aYpAoLB30IWCbMWkOjZ3dgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-10 13:48:08 (6 months ago)	botnet	DDoS Attack
🇸🇪 Johan Finn	2025-12-07 00:23:48 (6 months ago)	malicious activity	Web App Attack
🇲🇾 syokadmin	2025-12-05 21:34:24 (6 months ago)	(cpanel) Failed cPanel login from 104.207.40.96 (US/United States/-): 1 in the last 3600 secs	Brute-Force Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.77

🇺🇸 173.255.225.25

🇺🇸 172.239.71.244

🇺🇸 172.203.242.24

🇮🇩 103.131.61.163

🇧🇬 93.94.141.115

🇺🇸 91.230.168.192

🇺🇸 34.106.9.238

🇧🇴 190.181.27.37

🇲🇽 187.190.35.163

🇸🇬 178.128.84.112

🇺🇸 172.239.64.155

🇺🇸 172.236.228.229

🇸🇬 103.189.235.93

🇩🇪 78.47.163.163

🇦🇷 45.172.110.35

🇳🇱 45.148.10.141

🇺🇸 23.239.11.64

🇮🇹 2.38.151.216

🇫🇷 213.136.88.112