JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.233

104.207.38.233 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.233

Whois 104.207.38.233

IP Abuse Reports for 104.207.38.233:

This IP address has been reported a total of 142 times from 19 distinct sources. 104.207.38.233 was first reported on June 6th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 LRob.fr	2026-02-20 11:00:07 (3 months ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-13 13:24:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:23:58.941093 2026] [security2:error] [pid 32630:tid 32758] [client 104.207.38.233:41881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "layoverlocations.com"] [uri "/admin/.git/config"] [unique_id "aY8l7j1fK48W5T6p33ORCAAAAkA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Bedios GmbH	2026-02-13 09:06:37 (3 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-02-13 06:49:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:49:28.758370 2026] [security2:error] [pid 1908033:tid 1908072] [client 104.207.38.233:55565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "media928.com"] [uri "/config/.env"] [unique_id "aY7JeE7msqS-ZlYUbK7zWgAAAYE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:22:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:22:40.545369 2026] [security2:error] [pid 25489:tid 25489] [client 104.207.38.233:21563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcthorpe.com"] [uri "/app/.git/config"] [unique_id "aY7DMBiv1DeWjm8mnpemGAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:29:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:29:19.210841 2026] [security2:error] [pid 18421:tid 18421] [client 104.207.38.233:30671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mauriciagandara.com"] [uri "/admin/.env"] [unique_id "aY62r49Q9wW2G5pOhJiqGwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:32:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:32:19.483446 2026] [security2:error] [pid 13254:tid 13254] [client 104.207.38.233:32841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marxistphilosophy.org"] [uri "/.git/config"] [unique_id "aY6pUw2tDLjzj77hiUxbQwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:38:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:38:16.155880 2026] [security2:error] [pid 12730:tid 12730] [client 104.207.38.233:46059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honigcpa.com"] [uri "/.git/config"] [unique_id "aY4sKCQsL4_ldqs7guK1eQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:01:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:01:05.680216 2026] [security2:error] [pid 18790:tid 18790] [client 104.207.38.233:63579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cruanyes.com"] [uri "/.env"] [unique_id "aY4HUZSuz1bsypkOI2FbRwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:42:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:42:34.522695 2026] [security2:error] [pid 66996:tid 66996] [client 104.207.38.233:36045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dcwenger.com"] [uri "/.git/config"] [unique_id "aY306i5mMRaq1utwv34wUAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-11 20:16:10 (4 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 fbarela	2025-12-31 16:00:12 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇫🇷 Jean Valjean	2025-12-30 23:23:22 (5 months ago)	Fail2ban Caboom : xmlrpc.php Abuse	SQL Injection Web App Attack
🇨🇭 backslash	2025-12-30 16:05:05 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2025-12-30 03:05:09 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.126

🇧🇷 177.105.216.108

🇨🇳 223.72.130.115

🇬🇧 193.176.29.30

🇵🇰 182.191.83.123

🇭🇰 118.26.36.195

🇮🇩 103.132.52.250

🇧🇼 102.165.149.106

🇲🇩 91.208.184.122

🇩🇪 43.157.98.118

🇺🇸 34.217.134.173

🇰🇷 220.88.220.59

🇫🇮 185.229.66.92

🇺🇸 162.216.150.221

🇰🇷 147.47.73.86

🇨🇳 123.191.155.137

🇨🇳 120.240.178.146

🇦🇺 120.157.82.93

🇺🇸 76.145.10.140

🇹🇭 49.229.72.68