JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.239

104.207.38.239 was found in our database!

This IP was reported 156 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.239

Whois 104.207.38.239

IP Abuse Reports for 104.207.38.239:

This IP address has been reported a total of 156 times from 28 distinct sources. 104.207.38.239 was first reported on June 21st 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:00:11 (2 weeks ago)		Bad Web Bot
Anonymous	2026-04-02 10:21:48 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-25 12:40:42 (4 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-01-21 13:45:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:45:37.405868 2026] [security2:error] [pid 7462:tid 7462] [client 104.207.38.239:37017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "klingandi.com"] [uri "/.git/HEAD"] [unique_id "aXDYgeh1QP5qRVPyF4pjMQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-22 16:58:17 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇦🇺 oncord	2025-12-14 13:24:39 (5 months ago)	Form spam	Web Spam
🇨🇴 directorioeducativo.com	2025-12-08 14:46:14 (5 months ago)	GET URL: "/.env"Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 21:50:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:50:53.346584 2025] [security2:error] [pid 29927:tid 29927] [client 104.207.38.239:22505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualityelevatorcabs.com"] [uri "/.env"] [unique_id "aS9fPWe30PrMpLbRdex1rwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 16:29:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:29:49.231518 2025] [security2:error] [pid 16552:tid 16552] [client 104.207.38.239:37143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phoboschildren.com"] [uri "/.env"] [unique_id "aS8T_YlSwYIaTMQFJ-YDVgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:10:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:10:33.405697 2025] [security2:error] [pid 25145:tid 25145] [client 104.207.38.239:56081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anywheregarden.com"] [uri "/.git/HEAD"] [unique_id "aS7XOV-bv2OxpF8vFD9HywAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 11:54:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 06:54:12.013156 2025] [security2:error] [pid 31675:tid 31675] [client 104.207.38.239:31655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dictionaryoffish.com"] [uri "/.svn/wc.db"] [unique_id "aS7TZACn4qpm5OyaKJpxzgAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SecondEdge	2025-12-02 07:02:31 (6 months ago)	A web attack was detected from 104.207.38.239 (China) against lifeofstu.com (Git Variable Scan).	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:44:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:44:25.433473 2025] [security2:error] [pid 32489:tid 32489] [client 104.207.38.239:36455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rlarms.com"] [uri "/.env"] [unique_id "aS6KyVE-qPnqOY7TSQJfTAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:00:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:00:28.472707 2025] [security2:error] [pid 3466:tid 3466] [client 104.207.38.239:39049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "strippolefitness.com"] [uri "/.svn/wc.db"] [unique_id "aS5ybDV8Ggo2nvlbsJcfSwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2025-11-29 11:51:14 (6 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -28.151 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -28.151 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/ show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 156 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.148.10.141

🇲🇽 186.96.145.241

🇸🇬 185.200.116.67

🇺🇸 172.202.122.207

🇷🇴 92.118.39.236

🇬🇧 77.98.99.60

🇺🇸 64.62.197.229

🇹🇭 171.4.216.47

🇺🇸 82.22.84.242

🇧🇬 79.124.60.146

🇫🇷 51.159.104.219

🇺🇸 2604:a940:300:5b6:0:21::

🇸🇬 165.22.252.177

🇫🇮 147.185.133.151

🇮🇳 103.123.53.88

🇨🇳 61.52.36.56

🇳🇱 45.148.10.152

🇦🇲 45.129.185.7

🇹🇷 5.25.71.131

🇺🇸 207.46.13.14