JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.78

104.207.38.78 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.78

Whois 104.207.38.78

IP Abuse Reports for 104.207.38.78:

This IP address has been reported a total of 162 times from 19 distinct sources. 104.207.38.78 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 06:14:39 (2 weeks ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-03-31 10:59:34 (2 months ago)	Brute force	Brute-Force
🇪🇸 10dencehispahard SL	2026-01-23 07:30:21 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇬🇧 openstrike.co.uk	2025-12-11 09:16:31 (5 months ago)	9 packets to port 2083	Port Scan
🇺🇸 TPI-Abuse	2025-12-09 08:47:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 03:47:39.935079 2025] [security2:error] [pid 429:tid 429] [client 104.207.38.78:23337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingdomvalleyfarm.com"] [uri "/.env"] [unique_id "aTfiK-ovUsjGJEx5nTBRTwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 02:05:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 21:05:18.299725 2025] [security2:error] [pid 9302:tid 9302] [client 104.207.38.78:46801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citrineartstudio.com"] [uri "/.env"] [unique_id "aTYyXunKOdThWv-hXyMbwwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-07 20:51:36 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-05 16:31:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:30:58.871037 2025] [security2:error] [pid 25894:tid 25894] [client 104.207.38.78:60261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "15tobefit.com"] [uri "/.env"] [unique_id "aTMIwtiyamJlSrw6kaIzpwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:50:59 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:50:55.204452 2025] [security2:error] [pid 2640:tid 2640] [client 104.207.38.78:21863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "timlandry.com"] [uri "/.svn/wc.db"] [unique_id "aTK5D-7HHBlmKlyxPE8hkQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:09:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:09:39.990681 2025] [security2:error] [pid 12511:tid 12511] [client 104.207.38.78:54399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terrysavastano.com"] [uri "/.git/HEAD"] [unique_id "aTKTQzDgGnI2wTyXOSbLVAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:58:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:58:49.466325 2025] [security2:error] [pid 6500:tid 6500] [client 104.207.38.78:14473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lesdwiniarczyk.com"] [uri "/.git/HEAD"] [unique_id "aTI8Wfn8vuis9g4quqbXuwAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 01:04:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:04:37.643509 2025] [security2:error] [pid 2444:tid 2444] [client 104.207.38.78:44213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hogprinter.com"] [uri "/.svn/wc.db"] [unique_id "aTIvpSQNT40BOZnNE5VYhQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-01 02:34:09 (6 months ago)	trying to access non-authorized port	Port Scan
Anonymous	2025-11-16 20:10:16 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-29 02:10:23 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇹 185.242.177.4

🇨🇳 47.103.204.227

🇦🇷 201.176.251.195

🇺🇸 172.237.155.29

🇺🇸 93.152.208.42

🇺🇸 66.132.186.244

🇧🇪 34.78.81.60

🇰🇷 220.118.173.234

🇫🇷 185.189.236.46

🇵🇭 172.71.87.194

🇯🇴 172.69.36.142

🇺🇸 162.159.104.159

🇺🇸 152.32.183.236

🇺🇸 71.6.232.29

🇸🇦 51.39.227.82

🇺🇸 2607:f8b0:4001:c5f::128

🇵🇦 190.32.246.14

🇳🇱 185.130.226.159

🇨🇳 114.242.24.31

🇨🇳 111.2.183.136