JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.162

104.207.38.162 was found in our database!

This IP was reported 166 times. Confidence of Abuse is 30%: ?

30%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.162

Whois 104.207.38.162

IP Abuse Reports for 104.207.38.162:

This IP address has been reported a total of 166 times from 29 distinct sources. 104.207.38.162 was first reported on June 5th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 technojoe99	2026-06-13 11:56:26 (4 days ago)	Exploit scan from 104.207.38.162. GET http://usprivatecloud.net/news-sitemap.xml HTTP/1.1.	Web App Attack
🇸🇮 administrator	2026-06-02 22:14:47 (2 weeks ago)	2026-06-02 00:06:35,379 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.38.162 2 ... show more 2026-06-02 00:06:35,379 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.38.162 2026-06-02 00:06:35,379 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.38.162 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇷🇺 Mga Admin	2026-06-01 16:51:42 (2 weeks ago)	[Mon Jun 01 23:51:41.377957 2026] [authz_core:error] [pid 792384:tid 792432] [client 104.207.38.162: ... show more [Mon Jun 01 23:51:41.377957 2026] [authz_core:error] [pid 792384:tid 792432] [client 104.207.38.162:62705] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇨🇭 backslash	2026-05-15 13:42:00 (1 month ago)		Web Spam
🇦🇺 oncord	2026-05-15 01:47:30 (1 month ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-05-11 21:21:34 (1 month ago)	(From [email protected]) Soon customers will expect every website to talk The next phase is no ... show more (From [email protected]) Soon customers will expect every website to talk The next phase is not hard to see. A visitor compares two businesses online. One behaves like an intelligent assistant that can respond, recommend, qualify, and move the visitor forward. The other basically says: "Click around and figure it out." Which company gets the customer? This is the direction customer behavior is moving. Soon, people will expect websites to act like intelligent assistants, not passive brochures. Once the standard changes, a normal static website can start to feel behind almost overnight. Not because they are bad businesses. Because the way people interact online changed first. Websites are becoming AI-powered interfaces. That shift is already underway. Check it now: https://ollehofficial.com Many Thanks, — Kali Costa The Olleh AI Whenever you wish to stop getting further notifications from this campaign, feel free to fill the form at bit. ly/fillunsubform wit show less	Phishing Web Spam
🇸🇮 administrator	2026-05-04 16:21:50 (1 month ago)	2026-04-11 01:38:32,647 fail2ban.actions [530353]: NOTICE [ninjafirewall] Ban 104.207.38.162 ... show more 2026-04-11 01:38:32,647 fail2ban.actions [530353]: NOTICE [ninjafirewall] Ban 104.207.38.162 2026-04-11 07:57:15,235 fail2ban.actions [530353]: NOTICE [ninjafirewall] Ban 104.207.38.162 2026-04-11 20:05:27,717 fail2ban.actions [953175]: NOTICE [ninjafirewall] Ban 104.207.38.162 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇸🇪 KIDOS	2026-04-24 00:03:30 (1 month ago)	malicious activity	Web App Attack
🇬🇧 Mendip_Defender	2026-03-10 13:09:55 (3 months ago)	104.207.38.162 - - [10/Mar/2026:13:09:48 +0000] "GET /wp-admin/admin-ajax.php HTTP/1.0" 400 4135 "ht ... show more 104.207.38.162 - - [10/Mar/2026:13:09:48 +0000] "GET /wp-admin/admin-ajax.php HTTP/1.0" 400 4135 "https://4x4response.uk/?u=3907" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 104.207.38.162 - - [10/Mar/2026:13:09:49 +0000] "GET /wp-admin/admin-ajax.php?action=register HTTP/1.0" 400 4297 "https://4x4response.uk/wp-admin/admin-ajax.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 104.207.38.162 - - [10/Mar/2026:13:09:52 +0000] "POST /xmlrpc.php HTTP/1.1" 403 146 "https://4x4response.uk/?u=3907" "PHP/5.2.00" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:18:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:17:56.231781 2026] [security2:error] [pid 1163111:tid 1163128] [client 104.207.38.162:56657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magusincognito.com"] [uri "/backup/.git/config"] [unique_id "aYq_hIIkUjRLVk9bu6FHSQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:47:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:47:37.707646 2026] [security2:error] [pid 5972:tid 5972] [client 104.207.38.162:45879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kitebeach.com"] [uri "/.env.production"] [unique_id "aYqqWQjXjoHXHBTwZopB5gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:25:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:25:02.928470 2026] [security2:error] [pid 28820:tid 28820] [client 104.207.38.162:34881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbyimc.com"] [uri "/api/.git/config"] [unique_id "aYqlDgVbmsDaBO6I0S3qBQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:46:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:46:43.539455 2026] [security2:error] [pid 15827:tid 15827] [client 104.207.38.162:57941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonjazzorchestra.com"] [uri "/.git/config"] [unique_id "aYqcE_I9nq1Z0Za-d8eGEQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:25:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:24:53.355519 2026] [security2:error] [pid 9628:tid 9628] [client 104.207.38.162:31317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "huddleston.construction"] [uri "/.env.local"] [unique_id "aYp61eDb0JDCzcopR6w6kAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:50:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:50:33.115123 2026] [security2:error] [pid 15228:tid 15228] [client 104.207.38.162:37911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hoofprints.us"] [uri "/dev/.git/config"] [unique_id "aYpImewWyjLjFaS-BLSsFQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 166 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.212.224

🇭🇰 114.111.53.214

🇳🇱 91.92.40.14

🇮🇷 79.127.66.250

🇺🇸 45.33.84.28

🇺🇸 20.42.108.100

🇯🇵 8.216.9.20

🇺🇸 184.52.36.167

🇺🇸 172.252.13.90

🇺🇸 158.51.96.38

🇷🇴 141.98.83.240

🇫🇷 91.196.152.3

🇺🇸 45.79.214.23

🇬🇧 35.203.210.235

🇬🇧 35.203.210.6

🇻🇳 14.189.28.195

🇻🇳 14.179.0.214

🇨🇳 14.116.184.171

🇩🇪 213.209.159.56

🇨🇳 180.167.207.234