JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.17

104.207.38.17 was found in our database!

This IP was reported 101 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.17

Whois 104.207.38.17

IP Abuse Reports for 104.207.38.17:

This IP address has been reported a total of 101 times from 22 distinct sources. 104.207.38.17 was first reported on June 8th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-06-08 06:53:30 (4 days ago)	Form spam	Web Spam
🇵🇱 sefinek.net	2026-04-04 05:33:32 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114.0.1264.71 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇦🇺 oncord	2026-03-02 02:08:17 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 13:06:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:05:58.996089 2026] [security2:error] [pid 30720:tid 30750] [client 104.207.38.17:25083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lauricella.us"] [uri "/api/.env"] [unique_id "aY8htnLiWKzp-rMQ30Lw-AAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 10:06:23 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:03:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:03:49.091917 2026] [security2:error] [pid 15353:tid 15353] [client 104.207.38.17:27055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medics-group.com"] [uri "/v2/.git/config"] [unique_id "aY7M1ZDPlzwzOKOQEp4CvQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:04:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:04:21.389929 2026] [security2:error] [pid 315:tid 315] [client 104.207.38.17:19307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matchsticbranding.agency"] [uri "/.env.save"] [unique_id "aY6w1YTmub5-ld8TwyPL_AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-13 04:27:38 (3 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇺🇸 TPI-Abuse	2026-02-13 04:20:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:20:05.268567 2026] [security2:error] [pid 20236:tid 20236] [client 104.207.38.17:64209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martaaizenman.com"] [uri "/.git/config"] [unique_id "aY6mdeRVxkh99eLRnqcCJQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:41:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:41:09.207838 2026] [security2:error] [pid 3190:tid 3200] [client 104.207.38.17:14027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.org"] [uri "/.env"] [unique_id "aY6dVfb4CmTCRsawBB7GdQAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:52:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:52:50.775445 2026] [security2:error] [pid 5635:tid 5635] [client 104.207.38.17:48185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manoli.cl"] [uri "/.env"] [unique_id "aY6SArPLHweztY9UFOyGDgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:14:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:14:55.032096 2026] [security2:error] [pid 1140398:tid 1140398] [client 104.207.38.17:10847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malamutian.net"] [uri "/new/.git/config"] [unique_id "aY6JH_MCZzKM-Gs-Lv4EIQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-02-13 01:10:19 (3 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Carsten	2026-02-13 00:51:25 (3 months ago)	GET [.aws/credentials]	Port Scan

Showing 1 to 15 of 101 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.34.175.76

🇲🇽 187.212.10.12

🇵🇰 103.155.62.93

🇳🇱 64.89.162.15

🇨🇦 62.169.135.131

🇰🇷 39.117.89.191

🇻🇳 27.79.43.166

🇺🇿 213.230.72.54

🇳🇱 209.38.44.19

🇵🇹 188.82.161.244

🇮🇩 103.172.71.7

🇧🇬 91.92.40.14

🇺🇸 64.62.197.40

🇺🇸 64.34.84.39

🇺🇸 15.129.7.51

🇺🇸 193.36.225.188

🇨🇦 143.110.217.57

🇫🇮 130.49.76.220

🇺🇸 103.215.75.70

🇴🇲 96.9.135.216