JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.182

104.207.38.182 was found in our database!

This IP was reported 161 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.182

Whois 104.207.38.182

IP Abuse Reports for 104.207.38.182:

This IP address has been reported a total of 161 times from 29 distinct sources. 104.207.38.182 was first reported on June 11th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 Mga Admin	2026-06-01 16:51:44 (1 week ago)	[Mon Jun 01 23:51:41.407909 2026] [authz_core:error] [pid 792384:tid 792431] [client 104.207.38.182: ... show more [Mon Jun 01 23:51:41.407909 2026] [authz_core:error] [pid 792384:tid 792431] [client 104.207.38.182:22465] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-19 03:56:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:56:16.757535 2026] [security2:error] [pid 22077:tid 22077] [client 104.207.38.182:26525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnairdwoodworking.com"] [uri "/.git/config"] [unique_id "aZaJ4Mk4_qbdkUvp-ke-ZwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-02-19 03:56:01 (3 months ago)	CrowdSec-Report: crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:28:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:28:25.791353 2026] [security2:error] [pid 11364:tid 11364] [client 104.207.38.182:10467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kh6jim.com"] [uri "/dev/.git/config"] [unique_id "aZaDWbW5IfjHNzvtaDsvsAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-19 03:12:00 (3 months ago)	http-sensitive-files - IP: 104.207.38.182 - time="2026-02-19T04:12:00+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.38.182 - time="2026-02-19T04:12:00+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.38.182 (US/200373) : 4h ban on Ip 104.207.38.182" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:26:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:26:07.498568 2026] [security2:error] [pid 4356:tid 4356] [client 104.207.38.182:57273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kamrynbever.com"] [uri "/api/.env"] [unique_id "aZZmr_rVaZ72vfKu177suQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-18 21:18:09 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:06:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:06:36.711122 2026] [security2:error] [pid 23293:tid 23293] [client 104.207.38.182:15745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trademartghana.com"] [uri "/config/.env"] [unique_id "aZYbzK6yW7wvh3GbvxPo1QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:32:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:32:35.789621 2026] [security2:error] [pid 9897:tid 9897] [client 104.207.38.182:21959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderinghermit.com"] [uri "/backup/.git/config"] [unique_id "aZYFwzo3SY-XxICXuqSReQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 16:06:02 (3 months ago)	Scanning/Probing (21)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:00:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:00:14.298909 2026] [security2:error] [pid 4717:tid 4735] [client 104.207.38.182:56323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wassell.org"] [uri "/v2/.git/config"] [unique_id "aZWpzvfZJorvt0B651D4AwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 14:50:16 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:53 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇵🇱 IROK	2025-11-25 01:48:07 (6 months ago)	25/Nov/2025:02:47:56.902231 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client ... show more 25/Nov/2025:02:47:56.902231 +0100Apache-Error: [file "apache2_util.c"] [line 273] [level 3] [client 104.207.38.182] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_URI. [file "remote server"] [line "-1"] [id "430057"] [msg "Malware.Expert - request_uri: .ENV Files"] [tag "MEWAF"] [hostname "root.trojaczki.org"] [uri "/.env"] [unique_id "aSUKzDujFSs-cVybfiyL7QAAAMI"] ... show less	Hacking

Showing 1 to 15 of 161 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.84.101.72

🇧🇷 187.17.172.8

🇺🇸 170.254.179.222

🇺🇸 170.254.179.58

🇺🇸 170.254.179.18

🇺🇸 162.216.149.211

🇺🇸 82.22.110.66

🇳🇱 77.83.39.31

🇻🇳 14.163.144.123

🇷🇺 5.167.64.181

🇷🇺 217.12.40.182

🇺🇸 170.254.178.90

🇺🇸 170.254.178.70

🇺🇸 170.254.178.6

🇻🇳 125.212.244.35

🇻🇳 103.153.254.96

🇺🇸 44.192.2.19

🇺🇸 44.158.49.176

🇺🇸 40.119.40.156

🇺🇸 20.169.107.47