JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.38.94

104.207.38.94 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.38.94

Whois 104.207.38.94

IP Abuse Reports for 104.207.38.94:

This IP address has been reported a total of 164 times from 24 distinct sources. 104.207.38.94 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-16 22:03:31 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-16	Web App Attack SSH Hacking
🇳🇱 debestelapp	2026-06-16 11:25:09 (1 week ago)		Web App Attack
Anonymous	2026-04-24 23:02:38 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-21 23:12:52 (3 months ago)	Forum/form spam	Web Spam
🇧🇪 taivas.nl	2026-03-07 18:32:13 (3 months ago)	Wordpress_xmlrpc_attack	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-17 21:44:25 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 16:44:17.551950 2026] [security2:error] [pid 7278:tid 7278] [client 104.207.38.94:59489] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hotjive.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotjive.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZThMVdFKui4STsbGTs-ZQAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-22 08:03:29 (5 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-05 04:01:57 (5 months ago)	Infected user bad webscan	Exploited Host
🇵🇱 sefinek.net	2025-12-12 19:28:22 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 MAGIC	2025-12-10 04:10:52 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇭 backslash	2025-12-02 19:50:03 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 20:53:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:53:23.163934 2025] [security2:error] [pid 698:tid 698] [client 104.207.38.94:46875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dancingorchidvillas.com"] [uri "/.git/HEAD"] [unique_id "aSi6Q8pYQcJ2_U8IxfcAbgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:58:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:58:08.537820 2025] [security2:error] [pid 2816054:tid 2816054] [client 104.207.38.94:60311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.leolion.net"] [uri "/.svn/wc.db"] [unique_id "aSbrUHifUEuv_wnFtiOZZAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:36:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.38.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:36:47.557127 2025] [security2:error] [pid 7396:tid 7396] [client 104.207.38.94:13343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dixiegeek.cosentient.com"] [uri "/.git/HEAD"] [unique_id "aSaf_0362ObT_z83cGZo4gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.230.168.203

🇵🇱 77.87.199.234

🇸🇬 43.133.61.150

🇺🇸 205.210.31.80

🇻🇳 183.91.11.226

🇲🇾 172.111.157.11

🇧🇷 143.95.209.223

🇫🇷 92.103.134.183

🇺🇸 91.230.168.223

🇺🇸 71.12.42.216

🇮🇳 66.116.205.19

🇮🇳 64.227.150.86

🇳🇱 45.148.10.151

🇸🇬 43.173.173.187

🇫🇷 213.32.122.82

🇩🇪 207.154.250.9

🇧🇷 205.210.31.214

🇺🇸 146.88.241.90

🇺🇸 141.11.88.22

🇨🇳 123.97.199.125