JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.74

104.207.38.74 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.74

Whois 104.207.38.74

IP Abuse Reports for 104.207.38.74:

This IP address has been reported a total of 142 times from 19 distinct sources. 104.207.38.74 was first reported on June 8th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-24 20:47:04 (2 weeks ago)	1.817 requests with url.path //xmlrpc.php	Brute-Force Bad Web Bot
🇬🇧 relianoid.com	2026-02-13 20:03:35 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 relianoid.com	2026-01-14 05:51:29 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 fbarela	2025-12-29 00:00:13 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 island-freaks.com	2025-12-21 08:38:17 (5 months ago)	Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 104.207.38.74 \| Agent: Mozi ... show more Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 104.207.38.74 \| Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇹🇷 Domainhizmetleri.com	2025-12-17 23:23:18 (5 months ago)	Trying to detecting and hacking a CRM Admin Panel via 443/tcp. Invalid path: /admin/	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-14 04:06:50 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 13 23:06:42.502489 2025] [security2:error] [pid 2886:tid 2886] [client 104.207.38.74:24265] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fundaciondamashcc.org.ec\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fundaciondamashcc.org.ec"] [uri "/wp-json/wp/v2/users"] [unique_id "aT430ihGVjS9_hsKhMWbEQAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-12 05:50:03 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2025-12-07 14:09:40 (6 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-04 22:24:18 (6 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2025-12-03 23:46:32 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-28 01:00:05 (6 months ago)	Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.28 is noted in report ti ... show more Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.28 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 04:08:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:29.864164 2025] [security2:error] [pid 3933:tid 3933] [client 104.207.38.74:19633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jimwilsongallery.com"] [uri "/.svn/wc.db"] [unique_id "aSUrvSWBoR4cCy-6eVGqUgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:18:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:18:09.383715 2025] [security2:error] [pid 4551:tid 4551] [client 104.207.38.74:15293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cbtattam.com"] [uri "/.git/HEAD"] [unique_id "aSUR4c9pVHZk544k9RCSIwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:57:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:57:44.796552 2025] [security2:error] [pid 13120:tid 13120] [client 104.207.38.74:37085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agreyhawkcampaign.net.bandsolution.net"] [uri "/.env"] [unique_id "aSUNGCcUuZ_KPZndD5cLrAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 174.161.27.82

🇺🇸 172.93.215.45

🇮🇩 103.27.251.228

🇭🇰 101.32.52.164

🇺🇸 52.146.89.83

🇨🇳 218.59.175.217

🇳🇱 213.177.179.150

🇧🇪 198.235.24.148

🇹🇳 197.5.145.102

🇬🇧 193.32.209.231

🇺🇸 172.178.83.182

🇫🇷 143.244.57.84

🇨🇳 121.61.163.187

🇨🇳 113.31.103.129

🇨🇳 111.226.46.75

🇳🇱 103.214.5.133

🇮🇩 103.98.176.164

🇻🇳 103.75.183.177

🇸🇬 101.100.194.252

🇧🇬 79.124.62.126