JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.112

104.207.38.112 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.112

Whois 104.207.38.112

IP Abuse Reports for 104.207.38.112:

This IP address has been reported a total of 150 times from 17 distinct sources. 104.207.38.112 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-13 03:18:20 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-12 00:36:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 19:35:56.205223 2026] [security2:error] [pid 20664:tid 20664] [client 104.207.38.112:47905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10mostwantedfugitives.net"] [uri "/.env"] [unique_id "aY0gbMURZ-uwAxhQIM_9DQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 22:12:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 17:12:41.831866 2026] [security2:error] [pid 17424:tid 17424] [client 104.207.38.112:16321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "argun.wine"] [uri "/.env"] [unique_id "aYz-2UfULB0edGIqbJcWHwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 17:14:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:14:04.400093 2026] [security2:error] [pid 21596:tid 21596] [client 104.207.38.112:26611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquatech-ind.com"] [uri "/dev/.git/config"] [unique_id "aYy43HM-8oAWCNc_7soQogAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:25:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:24:55.231450 2026] [security2:error] [pid 19652:tid 19652] [client 104.207.38.112:13899] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iconbizpromo.com"] [uri "/api/.git/config"] [unique_id "aYqzFxOs_oVaOljFPG-umQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:33:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:32:55.967888 2026] [security2:error] [pid 23653:tid 23653] [client 104.207.38.112:11259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khodel.info"] [uri "/dev/.git/config"] [unique_id "aYqKx_bbI_IQGLzZDeFpZAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:09:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:09:01.522689 2026] [security2:error] [pid 25395:tid 25395] [client 104.207.38.112:56793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenjoyce.com"] [uri "/.env.production"] [unique_id "aYpM7V_PpSplz0gevO6kNQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:30:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:30:40.294947 2026] [security2:error] [pid 4316:tid 4316] [client 104.207.38.112:12219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kaneprotectivecoatings.com"] [uri "/backend/.env"] [unique_id "aYpD8OBYNdGKFDR7v5CW3gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-30 02:30:33 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 29 21:30:27.529009 2026] [security2:error] [pid 1828506:tid 1828506] [client 104.207.38.112:46013] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXwXwySKZz3EQwf52AF6rQAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-11 19:02:42 (5 months ago)	wordpress-trap	Web App Attack
🇩🇪 iNetWorker	2026-01-11 08:26:20 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇦🇺 oncord	2026-01-05 07:56:45 (5 months ago)	Form spam	Web Spam
Anonymous	2025-12-30 08:26:34 (5 months ago)	"GET /.svn/wc.db HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:05:41 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:05:36.027451 2025] [security2:error] [pid 3756:tid 3756] [client 104.207.38.112:9041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgegourmet.com"] [uri "/.svn/wc.db"] [unique_id "aVIaMEOX3MD1o_YhjSNm6AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-12-24 11:12:49 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-12.104.207.38.112.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-12.104.207.38.112.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 190.196.248.140

🇵🇱 185.16.38.31

🇷🇺 176.112.128.143

🇳🇱 85.11.167.118

🇺🇸 64.62.156.172

🇨🇳 58.56.128.190

🇺🇸 18.119.209.50

🇧🇷 177.11.196.84

🇧🇼 168.167.72.132

🇿🇦 165.165.117.11

🇵🇱 79.184.239.149

🇺🇸 64.62.156.78

🇮🇳 49.204.74.149

🇱🇹 5.181.86.46

🇺🇸 2607:f8b0:400e:c1e::120

🇺🇸 2607:f8b0:4001:c62::121

🇨🇳 221.12.37.6

🇫🇷 213.199.38.101

🇨🇿 212.102.39.12

🇫🇷 212.83.145.101