JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.20

104.207.39.20 was found in our database!

This IP was reported 85 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.20

Whois 104.207.39.20

IP Abuse Reports for 104.207.39.20:

This IP address has been reported a total of 85 times from 17 distinct sources. 104.207.39.20 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-10 10:44:43 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 masterguru	2026-04-06 00:47:32 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.39.20 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.39.20 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-12-26 01:13:33 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-09 00:08:01 (6 months ago)	botnet	DDoS Attack
🇮🇩 Burayot	2025-12-06 22:44:08 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.39.20 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.39.20 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:25:45 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:25:37.908822 2025] [security2:error] [pid 8496:tid 8496] [client 104.207.39.20:39499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.fitzmail.com"] [uri "/.env"] [unique_id "aSQWgce4v55qDWr0CVjHBAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:19:17 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:18:50.946470 2025] [security2:error] [pid 24713:tid 24713] [client 104.207.39.20:21177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cchockeyhistory.org"] [uri "/.env"] [unique_id "aSQG2o5geqN4m0aHBgSz1gAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:01:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:01:26.742752 2025] [security2:error] [pid 4128:tid 4128] [client 104.207.39.20:20347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.zoboz.com"] [uri "/.svn/wc.db"] [unique_id "aSPmpu_G2nkW_ebn5c93HQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 15:03:30 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-17 19:58:33 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-17 04:28:57 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-11 05:26:47 (8 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 22:39:42 (8 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.10 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 08:31:21 (8 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.09 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 85 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 57.141.0.10

🇺🇸 45.56.83.247

🇨🇳 221.229.216.1

🇫🇷 185.206.118.175

🇮🇩 163.7.11.155

🇨🇲 102.244.42.244

🇿🇦 102.64.32.62

🇸🇬 45.78.230.231

🇸🇬 8.219.233.233

🇧🇷 205.210.31.170

🇨🇴 190.27.51.82

🇨🇳 180.167.207.234

🇺🇸 162.216.150.35

🇨🇳 111.26.106.115

🇨🇳 61.240.17.66

🇺🇸 45.146.55.129

🇬🇧 35.203.210.83

🇺🇸 20.169.107.47

🇺🇸 216.25.89.104

🇷🇴 193.32.162.84