JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.128

104.207.38.128 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.128

Whois 104.207.38.128

IP Abuse Reports for 104.207.38.128:

This IP address has been reported a total of 123 times from 11 distinct sources. 104.207.38.128 was first reported on June 6th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-13 12:07:24 (4 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-11 05:03:23 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 01:03:18.396136 2026] [security2:error] [pid 29863:tid 29863] [client 104.207.38.128:27503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2ndwaveai.com"] [uri "/.env"] [unique_id "agFjFl8BQeKLvrl4lh6F9gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-19 01:19:05 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-11-30 13:56:32 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 04:05:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:05:32.418096 2025] [security2:error] [pid 25905:tid 25905] [client 104.207.38.128:35821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jasonmcquain.com"] [uri "/.git/HEAD"] [unique_id "aSUrDMh1oWfZ4eAJP8t3bQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:09:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:09:46.079432 2025] [security2:error] [pid 10461:tid 10461] [client 104.207.38.128:21357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.barbaraedidin.com"] [uri "/.env"] [unique_id "aSUd-kNS3UYysfsjcg2XdwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:28:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:28:10.996400 2025] [security2:error] [pid 1647141:tid 1647206] [client 104.207.38.128:37809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.conservativelabor.com"] [uri "/.git/HEAD"] [unique_id "aSUUOtffCdpZ5cNrCNduWQAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:37:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:37:00.483256 2025] [security2:error] [pid 15449:tid 15449] [client 104.207.38.128:26425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.macjr.com"] [uri "/.svn/wc.db"] [unique_id "aSUIPAIY8pj8oauohDavgwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:10:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:10:36.655210 2025] [security2:error] [pid 10291:tid 10291] [client 104.207.38.128:28309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.slusarczyk.com"] [uri "/.svn/wc.db"] [unique_id "aSTz_Gp6WY8BzT3UPqiUeQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-29 14:31:14 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-17 16:35:03 (7 months ago)	GlobalProtect login attempts with user imartin.	VPN IP Brute-Force
Anonymous	2025-10-03 21:06:15 (8 months ago)	Attempted brute force login to web vpn 27 time(s); last attempt for 2025.10.03 is noted in report ti ... show more Attempted brute force login to web vpn 27 time(s); last attempt for 2025.10.03 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-02 13:03:46 (8 months ago)	Attempted brute force login to web vpn 56 time(s); last attempt for 2025.10.02 is noted in report ti ... show more Attempted brute force login to web vpn 56 time(s); last attempt for 2025.10.02 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 18:40:05 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 10:18:07 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 207.219.221.101

🇫🇮 204.168.206.154

🇺🇸 193.56.116.243

🇦🇷 190.3.50.189

🇩🇪 167.94.146.56

🇺🇸 162.216.150.170

🇨🇳 112.111.150.127

🇫🇷 85.217.140.24

🇺🇸 64.62.197.160

🇺🇸 64.62.197.137

🇺🇸 50.112.151.48

🇺🇿 213.230.78.36

🇧🇪 198.235.24.234

🇳🇱 195.178.110.105

🇬🇧 193.163.125.142

🇨🇳 180.101.224.66

🇩🇪 167.94.145.23

🇺🇸 166.88.227.114

🇮🇹 151.115.166.245

🇵🇱 151.115.80.249