JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.70

104.207.38.70 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.70

Whois 104.207.38.70

IP Abuse Reports for 104.207.38.70:

This IP address has been reported a total of 145 times from 18 distinct sources. 104.207.38.70 was first reported on June 19th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 David Koswari	2026-05-20 06:20:00 (3 weeks ago)	REQ_BLOCKED_SECURITY	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
Anonymous	2026-04-13 23:24:36 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-04-12 05:58:40 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-03-31 20:39:19 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-03-01 09:23:24 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-09 22:13:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:13:47.660100 2026] [security2:error] [pid 27795:tid 27795] [client 104.207.38.70:22507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gaudensinnovo.com"] [uri "/config/.env"] [unique_id "aYpcG9MGD0vItEV6KrwV4gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 18:49:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 13:49:08.893107 2026] [security2:error] [pid 903883:tid 903883] [client 104.207.38.70:12111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxgwkw.com"] [uri "/wp/.git/config"] [unique_id "aYosJIjHoysVeXVfT7CcZwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:59:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:59:30.227301 2026] [security2:error] [pid 9861:tid 9861] [client 104.207.38.70:19011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galvez.cc"] [uri "/api/.env"] [unique_id "aYnMInCb_2T2VaJ9p3pVTQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:31:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:31:01.983191 2026] [security2:error] [pid 24986:tid 24986] [client 104.207.38.70:64981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fulltime-life.com"] [uri "/app/.git/config"] [unique_id "aYmpVS56eVnh0VAqPbMTOQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 02:10:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 21:10:52.294117 2026] [security2:error] [pid 23559:tid 23559] [client 104.207.38.70:26531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftwwx.com"] [uri "/test/.git/config"] [unique_id "aYlCLJJ8iH8J7_OwwYKZEQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 21:13:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 16:13:48.710390 2026] [security2:error] [pid 20135:tid 20135] [client 104.207.38.70:40027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/.env.save"] [unique_id "aYj8jCfJ3Atrl98n_XrrIwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-12-28 22:00:21 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-12-14 15:03:11 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-04 08:53:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 03:53:16.617337 2025] [security2:error] [pid 32284:tid 32284] [client 104.207.38.70:41973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magacine.tv"] [uri "/.git/HEAD"] [unique_id "aTFL_IV4EXustE1embYaNAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 21:46:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:46:26.688715 2025] [security2:error] [pid 13559:tid 13559] [client 104.207.38.70:40769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casagrotto.com"] [uri "/.env"] [unique_id "aS9eMiBiZ1OUFjnax5RIYQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.238

🇭🇰 199.45.155.103

🇺🇸 34.174.151.178

🇺🇸 34.24.88.226

🇺🇸 20.40.218.140

🇩🇪 207.189.10.151

🇧🇷 189.34.154.9

🇳🇱 158.115.252.56

🇰🇭 150.129.20.106

🇺🇸 73.43.129.90

🇺🇸 67.203.32.63

🇺🇸 66.154.124.165

🇩🇪 64.89.163.173

🇦🇷 45.177.200.233

🇳🇱 45.142.193.53

🇮🇩 43.243.142.42

🇺🇸 34.174.37.116

🇺🇸 34.162.5.57

🇺🇸 34.158.9.7

🇺🇸 34.134.34.82