JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.174

104.207.39.174 was found in our database!

This IP was reported 180 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.174

Whois 104.207.39.174

IP Abuse Reports for 104.207.39.174:

This IP address has been reported a total of 180 times from 29 distinct sources. 104.207.39.174 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 dtorrer	2026-06-10 09:54:26 (2 weeks ago)	Brute-force general attack.	Brute-Force
🇪🇸 librebit	2026-05-17 05:45:14 (1 month ago)	Brute force	Brute-Force
🇺🇸 nowyouknow	2026-05-15 22:47:36 (1 month ago)	(From [email protected]) Hi Lampe Chiropractic, I wanted to bump this in case you m ... show more (From [email protected]) Hi Lampe Chiropractic, I wanted to bump this in case you missed it — I built an AI agent just for Lampe Chiropractic, trained on your website, Google info, and everything I could find. It’s ready to answer customer questions, book appointments, and even follow up automatically. On average, our agents help increase leads by 17% without any work needed on your part. Again, this isn’t a pitch — just 20 minutes to test-drive your new AI employee. Here’s the link to book a time: getdandy.com/schedule-a-call/ or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/schedule-a-call/ Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-26 02:24:58 (3 months ago)	Forum/form spam	Web Spam
🇩🇪 Lino Project	2026-03-22 19:42:40 (3 months ago)	104.207.39.174 - - [22/Mar/2026:20:42:33 +0100] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "http ... show more 104.207.39.174 - - [22/Mar/2026:20:42:33 +0100] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https://www.primobio.it/mio-account/?action=register" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" 104.207.39.174 - - [22/Mar/2026:20:42:39 +0100] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https://www.primobio.it/mio-account/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-03-18 16:09:48 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 relianoid.com	2026-03-06 21:58:21 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇧🇪 boxed-it	2026-02-26 10:09:48 (4 months ago)	GET /.git/config (Tarpitted for 2m10s, wasted 7.73kB)	Web App Attack
🇫🇷 tilellit.pro	2026-02-23 13:06:42 (4 months ago)	Fail2Ban banned 104.207.39.174 for security violations in jail wp-armour. Log: 2026/02/23 13:06:41 [ ... show more Fail2Ban banned 104.207.39.174 for security violations in jail wp-armour. Log: 2026/02/23 13:06:41 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.39.174 \| Target: wplogin" , client: 104.207.39.174, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-02-18 18:45:48 (4 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-15 12:05:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:05:15.597871 2026] [security2:error] [pid 2810272:tid 2810272] [client 104.207.39.174:45219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerpathteam.org"] [uri "/v2/.git/config"] [unique_id "aZG2e2gFXVlwcKEvZAeKQwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:25:47 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:25:42.897629 2026] [security2:error] [pid 4353:tid 4353] [client 104.207.39.174:61775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderinghermit.com"] [uri "/.env.save"] [unique_id "aZGtNoP6hBmWlE38R-7YDgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-02-15 06:13:21 (4 months ago)	11 attacks on env grabbing URLs, VC URLs: GET /.env.local HTTP/1.1 GET /new/.git/config HTTP/1.1	Hacking
🇺🇸 TPI-Abuse	2026-02-15 05:35:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:35:06.047400 2026] [security2:error] [pid 26343:tid 26343] [client 104.207.39.174:58257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susansambou.org"] [uri "/test/.git/config"] [unique_id "aZFbCmRePpyWhB3CU5Fl1AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 180 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.227

🇧🇷 177.87.107.16

🇺🇸 147.185.132.46

🇨🇳 118.145.242.91

🇨🇳 113.200.216.246

🇨🇳 111.22.137.124

🇳🇱 91.92.40.240

🇬🇧 62.141.63.15

🇨🇳 47.112.110.110

🇧🇷 45.238.93.115

🇧🇷 45.70.52.250

🇬🇧 35.203.211.4

🇸🇦 34.166.5.230

🇮🇩 202.155.90.19

🇺🇸 162.216.149.15

🇨🇳 119.145.29.99

🇳🇱 91.92.40.239

🇹🇭 49.228.245.100

🇧🇷 45.232.224.95

🇧🇷 45.232.162.187