JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.83

104.207.38.83 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.83

Whois 104.207.38.83

IP Abuse Reports for 104.207.38.83:

This IP address has been reported a total of 140 times from 14 distinct sources. 104.207.38.83 was first reported on June 8th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 12:05:04 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇫🇷 ISPLtd	2025-12-15 15:35:06 (5 months ago)	Dec 15 11:35:03 104.207.38.83 TCP SPT=42927 DPT=2083 SYN Dec 15 11:35:04 104.207.38.83 TCP SPT=42927 ... show more Dec 15 11:35:03 104.207.38.83 TCP SPT=42927 DPT=2083 SYN Dec 15 11:35:04 104.207.38.83 TCP SPT=42927 DPT=2083 SYN Dec 15 11:35:05 104.207.38.83 TCP SPT=42927 DPT=2083 ... show less	Port Scan
Anonymous	2025-12-14 12:25:02 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-09 15:35:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 10:35:03.598108 2025] [security2:error] [pid 9832:tid 9832] [client 104.207.38.83:55197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proper-freight.com"] [uri "/.env"] [unique_id "aThBp4BVfkPXDG9t9I2shQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:36:33 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:36:28.473246 2025] [security2:error] [pid 11545:tid 11545] [client 104.207.38.83:37955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "villasenor.org"] [uri "/.svn/wc.db"] [unique_id "aTWe_LzSJ73sfv47UUs22gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 technojoe99	2025-12-07 12:50:08 (5 months ago)	Exploit scan from 104.207.38.83. GET /.svn/wc.db HTTP/1.1.	Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 08:40:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 03:40:39.845899 2025] [security2:error] [pid 10910:tid 10910] [client 104.207.38.83:10499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "volkerjahn.link"] [uri "/.env"] [unique_id "aTPsB1QNVNIFPdYJHcOwlwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 00:50:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 19:50:47.472010 2025] [security2:error] [pid 3493:tid 3493] [client 104.207.38.83:24677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dluxe.group"] [uri "/.svn/wc.db"] [unique_id "aTN95527pP6GODii0neh9gAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:45:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:45:31.557941 2025] [security2:error] [pid 444:tid 444] [client 104.207.38.83:36271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tpdtuberental.com"] [uri "/.env"] [unique_id "aTK3y3ZGBkuc621YcJbhDQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:43:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:43:19.648625 2025] [security2:error] [pid 5888:tid 5888] [client 104.207.38.83:17117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "micahgartman.com"] [uri "/.git/HEAD"] [unique_id "aTJw9_74JZFy7rrLqhbcLQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:09:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:09:49.294490 2025] [security2:error] [pid 1130:tid 1130] [client 104.207.38.83:31715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "josephnine.com"] [uri "/.env"] [unique_id "aTJM_bShCzIRkUhZXHi6CwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:20:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:20:34.853883 2025] [security2:error] [pid 20357:tid 20357] [client 104.207.38.83:35873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proyectando.com"] [uri "/.env"] [unique_id "aS9mMqi0SaR_CBMu7epU0QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:33:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:33:27.301884 2025] [security2:error] [pid 22550:tid 22550] [client 104.207.38.83:19563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "extreme-atv.com"] [uri "/.git/HEAD"] [unique_id "aS8Gx4PXyAtT1Xbzh5CMNwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 09:27:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 04:27:38.015041 2025] [security2:error] [pid 32119:tid 32119] [client 104.207.38.83:59399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billhumphreyresearch.com"] [uri "/.env"] [unique_id "aS6xCtFhgx56ni7Ik8k8VQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.142.232.202

🇷🇺 46.44.0.185

🇹🇷 212.64.216.142

🇺🇸 178.92.1.80

🇯🇵 156.227.232.83

🇫🇮 147.185.133.140

🇨🇳 113.206.197.173

🇺🇸 66.132.186.244

🇵🇭 38.60.245.104

🇬🇷 31.217.176.1

🇭🇰 23.91.97.170

🇨🇳 175.148.155.218

🇵🇰 139.135.41.56

🇮🇳 106.222.225.188

🇨🇳 106.36.193.42

🇿🇲 74.244.129.11

🇰🇷 59.16.212.232

🇲🇾 47.250.160.88

🇳🇱 45.142.193.53

🇬🇷 31.217.176.10