JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.40.98

104.207.40.98 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.40.98

Whois 104.207.40.98

IP Abuse Reports for 104.207.40.98:

This IP address has been reported a total of 142 times from 16 distinct sources. 104.207.40.98 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-04-30 12:15:53 (1 month ago)	Forum/form spam	Web Spam
🇨🇭 TheCoon	2026-02-16 08:00:01 (3 months ago)	Automated: Credential theft attempt - JSON bomb served	Hacking Web App Attack
🇺🇸 mnsf	2026-02-16 02:05:58 (3 months ago)	Too many Status 40X (12) Scanning/Probing (14)	Brute-Force Web App Attack
Anonymous	2026-02-15 13:05:23 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:11:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:11:12.597783 2026] [security2:error] [pid 2118:tid 2118] [client 104.207.40.98:16321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sunshine-trust.com"] [uri "/.env"] [unique_id "aZFVcGjm0UaO_19V46VBMgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 ciccio diddo	2026-02-15 03:39:58 (3 months ago)	CMS/WP Exploit multiple 404 port:Tcp/80,443	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:18:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:18:38.374509 2026] [security2:error] [pid 23590:tid 23590] [client 104.207.40.98:31185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starktigers75.com"] [uri "/backend/.env"] [unique_id "aZE7Du7R8wXw5GNkJT17YAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:54:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:54:37.019553 2026] [security2:error] [pid 17256:tid 17256] [client 104.207.40.98:19773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sra-ep.org"] [uri "/app/.env"] [unique_id "aZE1bfodSFrE53W-n6E68AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:32:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:32:12.192625 2026] [security2:error] [pid 303:tid 340] [client 104.207.40.98:57071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiritualchristian.com"] [uri "/.env.local"] [unique_id "aZEwLOTjh-Dl8pGktnWuEwAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:19:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:19:21.831310 2026] [security2:error] [pid 9809:tid 9809] [client 104.207.40.98:29329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lynnsmetkodesigns.com"] [uri "/.env.save"] [unique_id "aZEfGaLamn50ybRUIZX_aQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 01:06:06 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:45:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:45:18.036292 2026] [security2:error] [pid 10493:tid 10493] [client 104.207.40.98:32525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luckydawgs.com"] [uri "/admin/.git/config"] [unique_id "aZEXHrYt2o3rO1P6fJGFgwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:21:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:21:05.922655 2026] [security2:error] [pid 20656:tid 20656] [client 104.207.40.98:62139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "love-n-promises.com"] [uri "/dev/.git/config"] [unique_id "aZERcZKGazH0ophHfcaYuAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:01:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:01:08.804861 2026] [security2:error] [pid 31018:tid 31027] [client 104.207.40.98:40517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisabee.net"] [uri "/app/.git/config"] [unique_id "aZD-tFgJ4XndBVAcAYIaMwAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:45:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.40.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:45:24.823010 2026] [security2:error] [pid 17134:tid 17134] [client 104.207.40.98:47109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lindafoley.com"] [uri "/frontend/.env"] [unique_id "aZD7BA-NVST9jI8yi4fePgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇱 212.235.15.133

🇬🇧 193.32.209.237

🇺🇸 152.32.183.27

🇨🇳 111.26.177.216

🇧🇪 34.38.187.154

🇹🇯 217.11.190.210

🇩🇪 185.202.159.188

🇩🇪 185.193.80.200

🇺🇸 172.96.172.68

🇺🇸 91.230.168.8

🇩🇪 82.21.68.215

🇬🇧 81.19.219.202

🇺🇸 68.183.145.187

🇺🇸 64.31.18.133

🇺🇸 54.158.176.240

🇺🇸 52.21.227.35

🇺🇸 20.168.121.44

🇵🇰 14.1.107.59

🇵🇰 162.4.163.29

🇯🇵 160.251.233.37