JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.29

104.207.38.29 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.29

Whois 104.207.38.29

IP Abuse Reports for 104.207.38.29:

This IP address has been reported a total of 136 times from 13 distinct sources. 104.207.38.29 was first reported on June 21st 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MatStef132	2026-05-19 21:18:22 (4 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:59:02 (4 weeks ago)	MatShield L7: blocked on dstat.selify.io (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-15 13:29:59 (1 month ago)	MatShield L7 blocked request to fivemtest.mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (1 month ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:20 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?fbclid=e2I5m0wi-bB2j-tG3e-V14U1MU1RMjs Host: e ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?fbclid=e2I5m0wi-bB2j-tG3e-V14U1MU1RMjs Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: US Method: GET Timestamp: 2026-04-28T15:44:20Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇱🇻 garmtech.com	2026-03-24 09:49:50 (2 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇩🇪 F242	2026-01-30 07:02:40 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-23 07:04:54 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-30 18:31:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 13:30:40.083030 2025] [security2:error] [pid 13676:tid 13676] [client 104.207.38.29:16263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.patrickodougherty.com"] [uri "/.env"] [unique_id "aVQaUDUJhTzBj4Fa_R8nsQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:04:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:04:25.607513 2025] [security2:error] [pid 16848:tid 16851] [client 104.207.38.29:46131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabegabel.com"] [uri "/.git/HEAD"] [unique_id "aVIL2eY3Wlk-Bgm76UqxWwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-22 14:12:59 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-12-14 19:29:16 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 07:36:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:36:36.858327 2025] [security2:error] [pid 1373:tid 1373] [client 104.207.38.29:33813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rwcartoons.com"] [uri "/.env"] [unique_id "aSQLBH5PadcbiITCHvby6wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:42:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:41:59.743185 2025] [security2:error] [pid 1953:tid 1953] [client 104.207.38.29:48387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.saldesica.com"] [uri "/.git/HEAD"] [unique_id "aSP-N_bQvPa9KMe85KxMlQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:37:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:37:26.361827 2025] [security2:error] [pid 1882:tid 1882] [client 104.207.38.29:27685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.americanureport.com"] [uri "/.env"] [unique_id "aSPhBii4QrPZZSZjktL9RQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.98.169.66

🇧🇷 20.197.232.12

🇺🇸 198.98.62.211

🇫🇮 178.20.210.208

🇳🇱 178.16.53.230

🇧🇷 177.6.162.182

🇳🇱 176.65.148.81

🇮🇹 172.253.13.151

🇳🇱 161.35.146.100

🇻🇳 157.66.80.124

🇮🇳 139.59.59.165

🇮🇳 135.235.138.43

🇺🇸 104.237.248.200

🇺🇸 64.62.156.155

🇺🇸 52.176.211.73

🇺🇸 47.251.80.97

🇳🇱 45.154.98.101

🇳🇱 20.31.232.59

🇳🇱 172.94.9.70

🇷🇴 141.98.83.240