JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.57

104.207.38.57 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.57

Whois 104.207.38.57

IP Abuse Reports for 104.207.38.57:

This IP address has been reported a total of 146 times from 20 distinct sources. 104.207.38.57 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-19 02:48:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:48:22.867381 2026] [security2:error] [pid 29043:tid 29043] [client 104.207.38.57:26169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithwillwynne.com"] [uri "/app/.env"] [unique_id "aZZ59kSB5ymZ3UXtk5lcdwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 22:05:12 (4 months ago)	Scanning/Probing (20)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:05:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:05:23.286557 2026] [security2:error] [pid 28343:tid 28343] [client 104.207.38.57:58677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tractiondrive.com"] [uri "/wp/.git/config"] [unique_id "aZYbg1tkryG9R9rsGIDNHwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:48:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:48:28.329190 2026] [security2:error] [pid 13831:tid 13831] [client 104.207.38.57:14843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thoughtage.com"] [uri "/frontend/.env"] [unique_id "aZYJfHABKuqrG4FfOo12XwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:30:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:30:03.943955 2026] [security2:error] [pid 5649:tid 5649] [client 104.207.38.57:26503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thevillageartcenter.com"] [uri "/.env.production"] [unique_id "aZYFK4E3ckrOMS6gf2xvmQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 15:55:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 10:55:34.260377 2026] [security2:error] [pid 1856:tid 1856] [client 104.207.38.57:20529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yareblooms.click"] [uri "/api/.env"] [unique_id "aZXg9noFSmbNVan4NyNORgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:55:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:55:17.988528 2026] [security2:error] [pid 24897:tid 24897] [client 104.207.38.57:28901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "warnock.ws"] [uri "/.env.save"] [unique_id "aZWopcJpoaw7ofZFUEy7sAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 12:20:27 (4 months ago)	http-sensitive-files - IP: 104.207.38.57 - time="2026-02-15T13:20:27+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.38.57 - time="2026-02-15T13:20:27+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.38.57 (US/200373) : 4h ban on Ip 104.207.38.57" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:06:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:06:27.167494 2026] [security2:error] [pid 26190:tid 26190] [client 104.207.38.57:32179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panesarlaw.com"] [uri "/test/.git/config"] [unique_id "aZG2w3NGWBodYKd0AYLtRAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 06:59:55 (4 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-15 06:21:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:21:05.814457 2026] [security2:error] [pid 16693:tid 16693] [client 104.207.38.57:29241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scifitimeline.com"] [uri "/backup/.git/config"] [unique_id "aZFl0Yav82Gj7ZIrVibEEgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:14:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:14:03.043264 2026] [security2:error] [pid 8233:tid 8233] [client 104.207.38.57:10209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "odysseydogasporlari.com"] [uri "/.git/config"] [unique_id "aZFWG9Fx9fGMhdDy4IXVswAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:31:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:30:57.751173 2026] [security2:error] [pid 2438005:tid 2438005] [client 104.207.38.57:58381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nolagardenmarket.com"] [uri "/.env"] [unique_id "aZE98alCIEBnI4ahemzP4wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:47 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a13:dcc4:eb:fd8a:f0c9:3487:2f8a:4c3e

🇬🇧 217.146.80.108

🇵🇱 194.180.48.34

🇧🇷 187.120.72.124

🇩🇪 167.233.22.224

🇺🇸 162.216.150.90

🇺🇸 161.123.230.118

🇺🇸 109.105.210.60

🇷🇴 80.94.92.171

🇺🇸 54.82.2.214

🇹🇷 45.67.155.123

🇷🇴 2.57.121.112

🇺🇸 2607:f8b0:4004:1000::122

🇧🇪 198.235.24.239

🇬🇧 193.163.125.230

🇩🇪 185.242.3.226

🇸🇬 172.188.89.41

🇺🇸 103.143.238.100

🇺🇸 216.73.217.106

🇹🇼 198.235.24.80