JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.196

104.207.39.196 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.196

Whois 104.207.39.196

IP Abuse Reports for 104.207.39.196:

This IP address has been reported a total of 132 times from 17 distinct sources. 104.207.39.196 was first reported on June 5th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:54:09 (4 days ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 04:27:58 (1 week ago)	Web App Attack	Web App Attack
🇨🇳 Peter Yu	2026-06-13 15:01:43 (2 weeks ago)		Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-12-31 17:00:04 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 21:22:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:22:36.769929 2025] [security2:error] [pid 32589:tid 32589] [client 104.207.39.196:19557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lamineparke.com"] [uri "/.git/HEAD"] [unique_id "aVBOHM9AMngbvlGyRjG-yQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:04:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:04:07.424863 2025] [security2:error] [pid 17284:tid 17284] [client 104.207.39.196:34767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.trafficstopper.com"] [uri "/.svn/wc.db"] [unique_id "aVBJxwx7W23TTdLu5eXzGwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:34:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:34:34.894688 2025] [security2:error] [pid 4876:tid 4876] [client 104.207.39.196:34543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aaronbeg.com"] [uri "/.env"] [unique_id "aVBC2uDB_W4W_JzPR-AZxwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:16:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:16:28.798188 2025] [security2:error] [pid 4573:tid 4600] [client 104.207.39.196:29477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inkandthreadllc.com"] [uri "/.git/HEAD"] [unique_id "aVA-nHM4MRc4Fzor1cVsTQAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-26 03:29:28 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇧🇷 hostseries	2025-12-24 04:59:07 (6 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇺🇸 Vano Ganzzz	2025-12-21 02:58:18 (6 months ago)	Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2025-12-21T02:58:18Z Ray ID: 9b141df0497fdc5f UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 show less	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇬🇧 openstrike.co.uk	2025-12-10 08:48:24 (6 months ago)	9 packets to port 2083	Port Scan
🇫🇷 mrcrassi	2025-12-07 18:17:17 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 19:24:49 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:24:41.837960 2025] [security2:error] [pid 12546:tid 12546] [client 104.207.39.196:15021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artbytracyjane.com"] [uri "/.git/HEAD"] [unique_id "aSileavKVsLKUy4YRFDehAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 81.30.98.225

🇦🇺 74.91.200.217

🇳🇱 45.148.10.152

🇸🇬 167.71.218.184

🇯🇵 152.32.202.151

🇱🇹 141.98.9.66

🇧🇷 131.72.84.48

🇨🇳 119.96.137.18

🇱🇻 81.30.98.144

🇺🇸 66.132.186.254

🇬🇧 35.203.210.38

🇺🇸 207.90.244.22

🇸🇬 173.239.196.169

🇳🇬 165.154.11.206

🇺🇸 162.216.150.175

🇨🇳 162.14.114.97

🇫🇮 147.185.133.52

🇺🇸 146.190.59.135

🇺🇸 47.251.116.61

🇺🇸 205.210.31.101