JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.229

104.207.39.229 was found in our database!

This IP was reported 152 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.229

Whois 104.207.39.229

IP Abuse Reports for 104.207.39.229:

This IP address has been reported a total of 152 times from 22 distinct sources. 104.207.39.229 was first reported on June 7th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hary74656	2026-06-15 14:10:15 (1 week ago)	[Mon Jun 15 16:09:42.372589 2026] [security2:error] [pid 124593:tid 124710] [client 104.207.39.229:4 ... show more [Mon Jun 15 16:09:42.372589 2026] [security2:error] [pid 124593:tid 124710] [client 104.207.39.229:41589] [client 104.207.39.229] ModSecurity: Access denied with code 403 (phase 2). detected SQLi using libinjection with fingerprint 's&sos' [file "/usr/share/modsecurity-crs/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "66"] [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: s&sos found within ARGS:error: ' OR '1'='1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [hostname "www.weavernet.at"] [uri "/"] [unique_id "ajAHpiD_Za_lQyrRzgpobwAAAsE"] [Mon Jun 15 16:09:43.016162 2026] [security2:error] [pid 124593:tid 124701] [client 104.207.39.229:41589] [client 104.207.39.229] ModSecurity: Access denied with code 403 (phase 2). detected SQLi using libinjection with ... show less	Web App Attack
🇨🇳 Peter Yu	2026-06-13 15:01:18 (1 week ago)		Bad Web Bot Web App Attack
Anonymous	2026-04-12 05:46:31 (2 months ago)	Attempt to scan vulnerabilities	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-13 13:41:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:41:40.651607 2026] [security2:error] [pid 22969:tid 22969] [client 104.207.39.229:55343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindbodyrestored.com"] [uri "/config/.env"] [unique_id "aY8qFN_uPddzbPAWFZGnvwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2026-02-13 13:15:31 (4 months ago)	tcp/443; Git configuration exposure attempt: "GET /v2/.git/config" @ 2026-02-13T13:12:25Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:20:19 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:20:14.206426 2026] [security2:error] [pid 16019:tid 16019] [client 104.207.39.229:19715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mezensen.com"] [uri "/new/.git/config"] [unique_id "aY7szha19iSa_erAUmKNrwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:54:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:54:03.750330 2026] [security2:error] [pid 21084:tid 21084] [client 104.207.39.229:23355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metalgecko.com"] [uri "/admin/.env"] [unique_id "aY7mq5YL964UvsDN1L59NwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:09:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:09:35.262442 2026] [security2:error] [pid 17866:tid 17866] [client 104.207.39.229:53149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menagri.com"] [uri "/wp/.git/config"] [unique_id "aY7cPwCmyz2dCqywF44-7gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:35:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:35:22.385107 2026] [security2:error] [pid 11195:tid 11231] [client 104.207.39.229:17809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meanmouse.com"] [uri "/backup/.git/config"] [unique_id "aY7GKu_whjdQa9WHrd16hgAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 05:05:37 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇮🇩 Burayot	2026-02-13 04:35:17 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.39.229 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.39.229 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:04:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:04:29.645987 2026] [security2:error] [pid 16090:tid 16090] [client 104.207.39.229:10999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markrikey.com"] [uri "/.git/config"] [unique_id "aY6izT3fu69H1RSfnZy8bQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:44:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:44:49.023179 2026] [security2:error] [pid 2194616:tid 2194616] [client 104.207.39.229:23523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maritanasystems.com"] [uri "/.env.production"] [unique_id "aY6eMduRJH5UXk6C59LjVgAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:00:30 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH

Showing 1 to 15 of 152 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 212.227.235.203

🇭🇰 152.32.251.182

🇨🇳 101.96.195.62

🇨🇳 211.91.58.39

🇮🇳 182.60.128.241

🇺🇸 107.150.98.168

🇰🇷 106.248.246.130

🇮🇳 106.77.163.3

🇺🇸 66.132.172.194

🇺🇸 52.167.144.193

🇺🇸 43.162.122.171

🇮🇩 34.50.109.176

🇮🇳 182.95.181.138

🇩🇪 164.92.161.148

🇮🇩 157.15.40.91

🇻🇳 117.5.153.49

🇸🇬 43.173.173.249

🇩🇴 38.199.103.242

🇵🇰 202.1.27.133

🇺🇸 194.104.8.106