JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.12

104.207.38.12 was found in our database!

This IP was reported 110 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.12

Whois 104.207.38.12

IP Abuse Reports for 104.207.38.12:

This IP address has been reported a total of 110 times from 22 distinct sources. 104.207.38.12 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-29 02:03:06 (2 months ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-03-12 21:29:26 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 eacontent	2026-01-22 10:35:00 (4 months ago)	2x eg 104.207.38.12 - - [16/Jan/2026:02:27:17 -0500] "GET /.aws/credentials HTTP/1.1" 404 141 "-" "M ... show more 2x eg 104.207.38.12 - - [16/Jan/2026:02:27:17 -0500] "GET /.aws/credentials HTTP/1.1" 404 141 "-" "Mozilla/5.0 (Linux; Android 7.0; ASUS_X00GD) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" show less	Hacking
🇺🇸 TPI-Abuse	2026-01-17 08:18:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 03:18:44.306287 2026] [security2:error] [pid 26746:tid 26767] [client 104.207.38.12:39927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thetooheys.com"] [uri "/.env"] [unique_id "aWtF5HjriCXTsRdkQyTrkwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 04:57:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 23:57:23.651135 2026] [security2:error] [pid 66643:tid 66669] [client 104.207.38.12:46739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kerrfamilyassociation.com"] [uri "/.env"] [unique_id "aWsWs_KZOv7WRJHrEHXWBgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 00:19:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 19:19:40.675003 2026] [security2:error] [pid 18574:tid 18574] [client 104.207.38.12:36305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gospectre.com"] [uri "/.env"] [unique_id "aWrVnAbgQeUP4Saehw-8OwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 20:23:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 15:23:24.278460 2026] [security2:error] [pid 311:tid 311] [client 104.207.38.12:56689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.automationmp.com"] [uri "/.env"] [unique_id "aWqePEdZSohfdKdeHY0bpwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 18:37:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 13:37:42.351865 2026] [security2:error] [pid 31809:tid 31809] [client 104.207.38.12:37459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.austinbiblestudents.org"] [uri "/.env"] [unique_id "aWqFdoB3bvF3-PMXaU_gBgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:58:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:58:35.519556 2025] [security2:error] [pid 18310:tid 18310] [client 104.207.38.12:54753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ohiobabe.com"] [uri "/.env"] [unique_id "aVIYiwXD9EVUG7MwsnGcXwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:04:14 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:04:06.522378 2025] [security2:error] [pid 12745:tid 12745] [client 104.207.38.12:47887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hughhart.com"] [uri "/.env"] [unique_id "aVILxq5bXQYjB89HkzkZWAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:30:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:30:34.152352 2025] [security2:error] [pid 12280:tid 12280] [client 104.207.38.12:11307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jessicabaer.com"] [uri "/.env"] [unique_id "aVID6q2Dt0k7PzJe5mh6YgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 02:50:09 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:50:01.940991 2025] [security2:error] [pid 27837:tid 27837] [client 104.207.38.12:59629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jaynawilliamsrealty.com"] [uri "/.git/HEAD"] [unique_id "aVCa2WRqMIBmlVeVJveSfAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:31:50 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:31:45.688357 2025] [security2:error] [pid 389:tid 389] [client 104.207.38.12:39419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "biomechanicalwars.com"] [uri "/.env"] [unique_id "aVBsYcWsxZWR1YtHLA1FqQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:40:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:40:30.999132 2025] [security2:error] [pid 20124:tid 20124] [client 104.207.38.12:46155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coffeewitheinstein.com"] [uri "/.git/HEAD"] [unique_id "aVBgXiPPkL64J53HFzv5ewAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:44:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:44:09.401881 2025] [security2:error] [pid 13224:tid 13224] [client 104.207.38.12:42669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abilityimprinting.com"] [uri "/.git/HEAD"] [unique_id "aVBTKZ8Xmd0jj6YZTDg_fAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 110 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 212.227.27.47

🇸🇪 176.10.197.168

🇦🇺 170.64.166.144

🇬🇧 165.22.113.175

🇨🇳 122.224.205.134

🇩🇪 69.5.169.231

🇫🇮 35.228.31.149

🇧🇷 34.39.150.114

🇹🇼 198.235.24.84

🇳🇱 195.178.110.30

🇬🇧 193.163.125.232

🇺🇸 172.215.146.234

🇺🇸 135.232.200.209

🇨🇳 110.249.201.139

🇨🇳 101.68.215.26

🇷🇺 83.171.89.209

🇺🇸 35.184.189.28

🇫🇷 5.135.239.87

🇷🇴 2.57.121.25

🇰🇷 211.43.120.12