JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.133

104.207.38.133 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.133

Whois 104.207.38.133

IP Abuse Reports for 104.207.38.133:

This IP address has been reported a total of 143 times from 20 distinct sources. 104.207.38.133 was first reported on June 6th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2026-05-19 14:44:07 (4 weeks ago)	104.207.38.133 - - [19/May/2026:16:44:07 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 104.207.38.133 - - [19/May/2026:16:44:07 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" show less	Hacking Web App Attack VPN IP
🇱🇻 garmtech.com	2026-05-09 13:48:11 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-48.104.207.38.133.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-48.104.207.38.133.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-03-25 05:00:38 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-00.104.207.38.133.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-00.104.207.38.133.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 oncord	2026-03-08 21:37:23 (3 months ago)	Form spam	Web Spam
🇩🇪 big-cloud.nl	2026-03-06 00:59:15 (3 months ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇬🇧 relianoid.com	2026-01-11 05:34:53 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-12-09 18:35:05 (6 months ago)	botnet	DDoS Attack
🇺🇸 SLSLLC	2025-11-25 20:47:01 (6 months ago)	104.207.38.133 - - [25/Nov/2025:20:46:59 +0000] "GET /.env HTTP/1.1" 403 2113 "-" "Mozilla/5.0 (Wind ... show more 104.207.38.133 - - [25/Nov/2025:20:46:59 +0000] "GET /.env HTTP/1.1" 403 2113 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" ... show less	Brute-Force Web App Attack
🇺🇸 SSH-Admin	2025-11-25 17:20:26 (6 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:30:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:30:42.071956 2025] [security2:error] [pid 9388:tid 9388] [client 104.207.38.133:14037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.talamancareserve.com"] [uri "/.env"] [unique_id "aSU_AooRsAbaCGp-ZSsGCAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:55:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:55:25.653248 2025] [security2:error] [pid 14490:tid 14490] [client 104.207.38.133:27787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.summercampregistration.com"] [uri "/.git/HEAD"] [unique_id "aSUorfTf24Z31XAKc6kk5wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:02:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:01:53.267954 2025] [security2:error] [pid 20813:tid 20813] [client 104.207.38.133:25449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rosarymaker.com"] [uri "/.git/HEAD"] [unique_id "aSUcIVIV-VcwJHr-ewdSEAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:39:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:39:03.678249 2025] [security2:error] [pid 29989:tid 29989] [client 104.207.38.133:11279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mountainchristmascards.com"] [uri "/.svn/wc.db"] [unique_id "aSUIt_wc818KL3eevtyAPQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:11:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:11:43.638347 2025] [security2:error] [pid 31498:tid 31523] [client 104.207.38.133:55045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jean-paullederer.com"] [uri "/.git/HEAD"] [unique_id "aSUCT_ow9dE5SYd00VRUkQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:52:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:52:27.375913 2025] [security2:error] [pid 403:tid 403] [client 104.207.38.133:26627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.economy-cleaners.com"] [uri "/.svn/wc.db"] [unique_id "aST9y9nu1fD_8x3bhJFS-QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 220.118.173.234

🇮🇳 128.185.235.110

🇺🇸 100.29.192.31

🇺🇸 66.132.186.248

🇫🇷 51.210.97.205

🇺🇸 45.79.186.176

🇺🇸 2600:1900:4120:e3fb:0:82::

🇰🇷 193.122.113.121

🇩🇪 188.245.53.16

🇳🇱 185.242.226.87

🇫🇷 185.177.72.30

🇺🇸 173.73.178.159

🇸🇱 129.224.205.75

🇺🇿 95.214.210.217

🇳🇱 91.229.105.132

🇺🇸 66.154.124.165

🇨🇳 36.135.62.97

🇺🇸 185.198.240.144

🇮🇳 168.144.19.185

🇳🇱 160.119.69.16