JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.187

104.207.38.187 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.187

Whois 104.207.38.187

IP Abuse Reports for 104.207.38.187:

This IP address has been reported a total of 140 times from 20 distinct sources. 104.207.38.187 was first reported on June 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-01-27 18:19:14 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇮🇩 BPS-StatisticsIndonesia	2026-01-10 09:54:26 (5 months ago)	WP Login Scan Activities	Web App Attack
🇸🇬 ANTI SCANNER	2025-12-27 20:38:34 (5 months ago)	Scanner : /wp-login.php	Web Spam
🇮🇹 VHosting	2025-12-23 17:10:03 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-15 05:11:19 (6 months ago)	botnet	DDoS Attack
🇧🇷 SOC Blue Team	2025-12-13 20:48:37 (6 months ago)	Tatic: TA0006 \| Technique: T1110 \| Source: TAP \| Country Destination: BR	Brute-Force
🇮🇩 Kencang.ID	2025-12-06 10:23:37 (6 months ago)	Failed Login Attempt 2025-12-06 10:23:37 \| 104.207.38.187 \| Desktop \| Google Chrome \| Ashburn, Virgi ... show more Failed Login Attempt 2025-12-06 10:23:37 \| 104.207.38.187 \| Desktop \| Google Chrome \| Ashburn, Virginia, United States \| 3xK Tech GmbH \| Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36 show less	FTP Brute-Force Brute-Force
🇮🇩 BPS-StatisticsIndonesia	2025-12-04 04:13:40 (6 months ago)	WP Login Scan Activities	Web App Attack
🇪🇸 el-brujo	2025-11-28 00:58:35 (6 months ago)	Cloudflare WAF: Request Path: /wp-config.php~ Request Query: Host: forum.elhacker.net userAgent: Mo ... show more Cloudflare WAF: Request Path: /wp-config.php~ Request Query: Host: forum.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0 Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: US Method: GET Timestamp: 2025-11-28T00:58:35Z ruleId: 7994335d116849f7a0ab6b771d1d0db7. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 22:17:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 17:17:31.210415 2025] [security2:error] [pid 7568:tid 7568] [client 104.207.38.187:41137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotelkona.com"] [uri "/.env"] [unique_id "aSjN-_iDA5fD_msteFMOnwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 20:52:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:52:47.941566 2025] [security2:error] [pid 28687:tid 28687] [client 104.207.38.187:39685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daisydoesoap.com"] [uri "/.git/HEAD"] [unique_id "aSi6H_r5aBZSz9rd7nra3QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 19:08:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:08:18.995612 2025] [security2:error] [pid 9987:tid 9987] [client 104.207.38.187:10359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airtechconsulting.com"] [uri "/.svn/wc.db"] [unique_id "aSiholzsSOmIC54h7kdnTwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Psycho Solutions LLC	2025-11-25 14:38:49 (6 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 11/25/2025 2:38 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2025-11-21 19:51:13 (7 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.21 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 21:08:32 (7 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.14 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.228.10.226

🇦🇷 170.210.136.58

🇮🇹 79.2.147.164

🇸🇬 74.114.31.157

🇮🇳 49.43.241.11

🇺🇸 47.77.239.61

🇺🇸 47.77.234.25

🇫🇷 5.39.125.101

🇷🇴 2.57.121.25

🇳🇱 192.253.248.97

🇮🇳 157.49.131.61

🇹🇼 110.25.109.52

🇨🇦 104.207.49.255

🇿🇦 102.208.217.152

🇱🇻 81.30.98.49

🇱🇻 81.30.98.44

🇩🇪 69.5.169.254

🇱🇹 62.60.130.219

🇺🇸 47.251.106.227

🇩🇪 47.245.143.107