JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.166

104.207.38.166 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.166

Whois 104.207.38.166

IP Abuse Reports for 104.207.38.166:

This IP address has been reported a total of 163 times from 22 distinct sources. 104.207.38.166 was first reported on June 3rd 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-15 12:12:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:12:01.985210 2026] [security2:error] [pid 28150:tid 28150] [client 104.207.38.166:41075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teenybikini.com"] [uri "/app/.env"] [unique_id "aZG4EXrTqkcK2_Z_wyytNwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:44:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:44:31.698270 2026] [security2:error] [pid 23139:tid 23139] [client 104.207.38.166:44937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorhauer.com"] [uri "/v2/.git/config"] [unique_id "aZGxn88alyri9kaf_a7w2AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:28:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:28:10.256980 2026] [security2:error] [pid 31610:tid 31610] [client 104.207.38.166:12979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suretrap.com"] [uri "/frontend/.env"] [unique_id "aZFZapiqdi7bw6kXG-TBBQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 crypto i trust, hold i must	2026-02-15 04:30:41 (3 months ago)	Automated vulnerability scanner detected. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Appl ... show more Automated vulnerability scanner detected. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Bad Web Bot Web App Attack
🇩🇪 sdos.es	2026-02-15 04:10:46 (3 months ago)	"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /site/.git/con ... show more "Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /site/.git/config" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:46:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:46:43.191822 2026] [security2:error] [pid 1270533:tid 1270533] [client 104.207.38.166:41035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sterlingandtime.com"] [uri "/config/.env"] [unique_id "aZFBozOvaxwccuuJ2-AOzgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:32:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:32:32.103208 2026] [security2:error] [pid 25345:tid 25345] [client 104.207.38.166:33397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiritofacorn.com"] [uri "/new/.git/config"] [unique_id "aZEwQL7aUbZiT0cjJBLYEAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-15 02:31:58 (3 months ago)	104.207.38.166 - - [15/Feb/2026:03:31:57 +0100] "GET /dev/.git/config HTTP/1.1" 301 539 "-" "Mozilla ... show more 104.207.38.166 - - [15/Feb/2026:03:31:57 +0100] "GET /dev/.git/config HTTP/1.1" 301 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:32:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:32:42.218149 2026] [security2:error] [pid 12157:tid 12157] [client 104.207.38.166:23815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "muslera.com"] [uri "/.git/config"] [unique_id "aZEiOm4-FDVrfCjurXajkQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:59:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:59:13.675916 2026] [security2:error] [pid 4955:tid 4955] [client 104.207.38.166:23849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lunginjurylaw.com"] [uri "/backup/.git/config"] [unique_id "aZEaYTD0S_zyJ53PeJZJUAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:19:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:19:30.758211 2026] [security2:error] [pid 17181:tid 17181] [client 104.207.38.166:62497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "louisianamasons.com"] [uri "/new/.git/config"] [unique_id "aZEREuwxPvpnLVzkwSWdhgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:54:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:54:03.247346 2026] [security2:error] [pid 5239:tid 5239] [client 104.207.38.166:44553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "linnardfinancial.com"] [uri "/admin/.env"] [unique_id "aZD9Cwb_fEijoJ6lhUhqzAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2026-02-14 22:20:15 (3 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2026-02-14 21:51:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:51:28.051356 2026] [security2:error] [pid 29198:tid 29198] [client 104.207.38.166:12273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mmipro.com"] [uri "/.git/config"] [unique_id "aZDuYOy3Xsc4SwX01Oc9sAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-14 21:37:38 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.38.166 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.38.166 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.202.112.76

🇬🇧 195.96.139.211

🇳🇱 193.187.128.214

🇮🇳 168.220.237.171

🇮🇩 143.20.49.38

🇩🇪 130.12.181.101

🇨🇳 123.96.5.172

🇨🇳 112.94.189.208

🇺🇸 20.62.204.17

🇺🇸 207.241.173.115

🇬🇧 194.50.235.148

🇺🇸 185.149.26.71

🇸🇬 128.199.216.54

🇺🇦 45.12.3.48

🇩🇪 43.165.6.182

🇮🇳 34.93.128.179

🇳🇱 195.178.110.30

🇺🇸 192.178.119.148

🇩🇪 167.94.145.30

🇺🇸 104.42.121.220