JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.22

104.207.39.22 was found in our database!

This IP was reported 87 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.22

Whois 104.207.39.22

IP Abuse Reports for 104.207.39.22:

This IP address has been reported a total of 87 times from 23 distinct sources. 104.207.39.22 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 el-brujo	2026-02-23 14:42:59 (4 months ago)	Cloudflare WAF: Request Path: /.git/config Request Query: Host: forum.elhacker.net userAgent: Mozil ... show more Cloudflare WAF: Request Path: /.git/config Request Query: Host: forum.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Action: block Source: firewallManaged ASN Description: DREI-K-TECH-GMBH Country: US Method: GET Timestamp: 2026-02-23T14:42:59Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇫🇷 solution.it	2026-02-08 15:38:43 (4 months ago)	[Sun Feb 08 16:38:42.429305 2026] [php7:error] [pid 2244550:tid 2244550] [client 104.207.39.22:31781 ... show more [Sun Feb 08 16:38:42.429305 2026] [php7:error] [pid 2244550:tid 2244550] [client 104.207.39.22:31781] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇫🇷 solution.it	2026-02-05 15:38:42 (4 months ago)	[Thu Feb 05 16:38:42.338554 2026] [php7:error] [pid 1248997:tid 1248997] [client 104.207.39.22:26413 ... show more [Thu Feb 05 16:38:42.338554 2026] [php7:error] [pid 1248997:tid 1248997] [client 104.207.39.22:26413] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 21:28:12 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 16:28:07.157337 2026] [security2:error] [pid 2211759:tid 2211775] [client 104.207.39.22:15139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paygulf.com"] [uri "/.svn/wc.db"] [unique_id "aXFE520QRDLThYPf9lGB7AAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 18:59:29 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 13:59:24.238302 2026] [security2:error] [pid 20974:tid 20974] [client 104.207.39.22:24699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rays-work.com"] [uri "/.git/HEAD"] [unique_id "aXEiDB8bQ99gmom55_Uo2AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 13:58:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:58:23.665796 2026] [security2:error] [pid 13939:tid 13939] [client 104.207.39.22:29009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stellwagenmusic.com"] [uri "/.git/HEAD"] [unique_id "aXDbf4ie5_l-RipypqG33QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 13:02:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:02:17.568907 2026] [security2:error] [pid 8385:tid 8405] [client 104.207.39.22:59125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "captechinc.com"] [uri "/.git/HEAD"] [unique_id "aXDOWbIQ2XocAFObosbVVgAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-21 12:08:27 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 07:08:22.419158 2026] [security2:error] [pid 15571:tid 15571] [client 104.207.39.22:23177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grayowl.com"] [uri "/.svn/wc.db"] [unique_id "aXDBtk1RAufLDLJtBz-C8wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Phenix Info	2026-01-21 09:53:23 (5 months ago)	SmallGuard.fr/Prestashop Forbidden Ext.	Web App Attack
🇩🇪 conseilgouz	2026-01-20 21:50:09 (5 months ago)	vee-17 : Block hidden directories=>/.aws/credentials(/)	Hacking
🇫🇮 Shaik Sai Meera	2026-01-20 21:00:13 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
Anonymous	2025-12-22 17:22:05 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-12-02 23:48:16 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-13 22:02:40 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 87 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.252.244

🇳🇱 195.178.110.228

🇩🇿 193.194.91.218

🇮🇩 182.10.99.188

🇫🇷 89.117.61.157

🇹🇷 88.227.76.87

🇭🇰 47.243.239.25

🇩🇪 46.101.184.170

🇸🇪 185.103.101.74

🇷🇺 176.123.217.140

🇺🇸 172.234.218.245

🇯🇵 118.193.61.170

🇨🇳 112.51.225.231

🇫🇷 95.111.234.72

🇩🇪 88.99.98.250

🇮🇪 4.210.68.162

🇹🇼 198.235.24.88

🇲🇽 187.191.48.23

🇨🇳 120.242.142.180

🇳🇱 88.210.63.79