JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.146

104.207.38.146 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.146

Whois 104.207.38.146

IP Abuse Reports for 104.207.38.146:

This IP address has been reported a total of 154 times from 20 distinct sources. 104.207.38.146 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:08:39 (3 weeks ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-05-29 17:34:16 (4 weeks ago)	3.251 POST requests with url.path */wp-login.php	Brute-Force Bad Web Bot
🇱🇻 garmtech.com	2026-03-09 02:37:56 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇮🇹 VHosting	2026-03-03 13:20:04 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-02-24 07:54:28 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇵🇱 sefinek.net	2026-01-02 07:40:55 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2025-12-24 09:11:36 (6 months ago)	WP Login Scan Activities	Web App Attack
🇬🇧 Bytemark	2025-12-12 13:45:19 (6 months ago)	104.207.38.146 - - [12/Dec/2025:13:45:15 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.goo ... show more 104.207.38.146 - - [12/Dec/2025:13:45:15 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 104.207.38.146 - - [12/Dec/2025:13:45:16 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 104.207.38.146 - - [12/Dec/2025:13:45:19 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-03 10:56:18 (6 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 02:49:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 21:49:21.673215 2025] [security2:error] [pid 26194:tid 26194] [client 104.207.38.146:17411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.igolfallday.com"] [uri "/.env"] [unique_id "aSe8MbcA2sfU-PKCvIjMZgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 18:55:43 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 13:55:35.081114 2025] [security2:error] [pid 7674:tid 7674] [client 104.207.38.146:33139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.qavideo.com"] [uri "/.git/HEAD"] [unique_id "aSdNJ6kxKGYshu8bjCWZvAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:16:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:16:15.871193 2025] [security2:error] [pid 27547:tid 27547] [client 104.207.38.146:12843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.strippolefitness.com"] [uri "/.env"] [unique_id "aSbhf-f3T8OlCCiCRCFwwAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:53:51 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:53:28.106869 2025] [security2:error] [pid 16010:tid 16010] [client 104.207.38.146:49343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.swaincustomdesigns.com"] [uri "/.svn/wc.db"] [unique_id "aSVEWBrzJZmCgp9q1OVvxwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:14:57 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:14:51.474353 2025] [security2:error] [pid 14226:tid 14314] [client 104.207.38.146:37243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.aglsolidwaste.com"] [uri "/.svn/wc.db"] [unique_id "aSU7S5F6HRvJfyrmJlm2EQAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:52:34 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:52:26.742621 2025] [security2:error] [pid 13895:tid 13905] [client 104.207.38.146:31329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.frmoto.com"] [uri "/.env"] [unique_id "aSU2CsqATJ-N2rrGOLaCkAAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.46.20.111

🇧🇷 177.85.11.5

🇸🇬 172.253.211.87

🇸🇬 152.42.240.74

🇬🇧 35.203.210.193

🇨🇳 1.192.59.58

🇭🇰 199.45.154.183

🇩🇪 172.217.34.30

🇺🇸 151.241.239.203

🇳🇱 91.92.40.153

🇸🇬 35.187.231.181

🇵🇱 2a04:c605:409:91:9999::230

🇩🇪 2a01:4f8:c012:5838::1

🇸🇬 188.166.183.133

🇺🇸 148.153.121.146

🇧🇷 138.36.35.193

🇻🇳 116.111.185.218

🇰🇪 102.205.85.11

🇫🇷 91.231.89.175

🇫🇷 62.210.185.4