JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.202

104.207.38.202 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.202

Whois 104.207.38.202

IP Abuse Reports for 104.207.38.202:

This IP address has been reported a total of 153 times from 21 distinct sources. 104.207.38.202 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-15 21:59:16 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-15	Web App Attack SSH Hacking
🇮🇹 [email protected]	2026-06-08 17:58:02 (1 week ago)		Brute-Force
🇮🇹 [email protected]	2026-06-06 20:03:44 (1 week ago)	[Sat Jun 06 22:03:44.569159 2026] [authz_core:error] [pid 982522:tid 982619] [client 104.207.38.202: ... show more [Sat Jun 06 22:03:44.569159 2026] [authz_core:error] [pid 982522:tid 982619] [client 104.207.38.202:13163] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/xmlrpc.php show less	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇵🇱 sefinek.net	2026-01-12 16:40:18 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-14 12:41:30 (6 months ago)	botnet	DDoS Attack
🇲🇾 syokadmin	2025-11-29 23:02:18 (6 months ago)	(cpanel) Failed cPanel login from 104.207.38.202 (US/United States/-): 1 in the last 3600 secs	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:28:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:45.678944 2025] [security2:error] [pid 24086:tid 24086] [client 104.207.38.202:13277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "md20lf.org.ithacalions.com"] [uri "/.env"] [unique_id "aSVMncj1hhCCLkSwQt9VfAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:17:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:17:45.762306 2025] [security2:error] [pid 1817001:tid 1817050] [client 104.207.38.202:60037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "quetzalcoatl2012.wizart.org"] [uri "/.env"] [unique_id "aSU7-WR1ttxeyDpsCa9tIgAAAYs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:41:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:41:16.766126 2025] [security2:error] [pid 25226:tid 25226] [client 104.207.38.202:57079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.creekside.biz"] [uri "/.env"] [unique_id "aSUzbEY0AhFRcObH1FiSYgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:50:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:49:45.632247 2025] [security2:error] [pid 4231:tid 4231] [client 104.207.38.202:36039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.christmasweddingnapkins.com"] [uri "/.git/HEAD"] [unique_id "aSUnWZkO6hilWLTWHPGsdAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:42:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:42:09.739390 2025] [security2:error] [pid 15116:tid 15116] [client 104.207.38.202:26879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.sazisirel.com"] [uri "/.svn/wc.db"] [unique_id "aSUXge4Pjwpa319ufCsK2gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:55:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:54:56.433662 2025] [security2:error] [pid 14459:tid 14459] [client 104.207.38.202:58565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "listepo.ryanc.net"] [uri "/.env"] [unique_id "aSUMcKF6LwPDwfvQP0kKFAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:58:29 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 fbarela	2025-11-07 22:00:59 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.181.26.87

🇧🇷 187.45.95.66

🇨🇳 171.114.224.87

🇸🇬 168.144.42.72

🇭🇰 152.32.226.8

🇫🇷 85.217.140.46

🇺🇸 23.234.79.63

🇮🇳 139.59.4.137

🇯🇵 207.148.108.129

🇺🇸 198.46.253.100

🇺🇸 195.184.76.243

🇩🇪 193.124.20.253

🇲🇽 187.141.71.166

🇮🇳 112.196.78.4

🇷🇴 80.94.92.168

🇺🇸 50.16.232.215

🇧🇷 45.229.91.34

🇳🇱 45.156.87.7

🇷🇺 31.6.108.94

🇬🇧 193.163.125.32