JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.253

104.207.39.253 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.253

Whois 104.207.39.253

IP Abuse Reports for 104.207.39.253:

This IP address has been reported a total of 134 times from 19 distinct sources. 104.207.39.253 was first reported on June 6th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 webgobe	2026-06-22 08:12:22 (6 days ago)	wew-Joomla User : try to access forms...	Hacking
🇫🇷 ELYAZ	2026-06-10 12:52:40 (2 weeks ago)	(y4) Failed scan -byebye- from 104.207.39.253 (US/United States/-): (CF_ENABLE)	Hacking
🇺🇸 lostswordfish.com	2026-06-10 11:56:05 (2 weeks ago)	Wordfence waf block on advocates4change	Web App Attack
🇬🇧 spamverify.com	2026-06-10 11:05:59 (2 weeks ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-22 13:32:16 (4 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:18:50 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:18:43.795995 2025] [security2:error] [pid 15556:tid 15556] [client 104.207.39.253:57317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.internet-brochures.com"] [uri "/.env"] [unique_id "aSaNsz54x52hanlq5vHIkgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:11:20 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:11:12.156614 2025] [security2:error] [pid 3365544:tid 3365642] [client 104.207.39.253:39233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "a2zlns.jd-web-designs.com"] [uri "/.env"] [unique_id "aSZhwJ6gyU3zOv0h7a55QQAAAhQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:10:52 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:10:44.308256 2025] [security2:error] [pid 25381:tid 25381] [client 104.207.39.253:28189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.lighthouseinvitations.com"] [uri "/.env"] [unique_id "aSZTlLzLnvso20fFwt1amwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 23:04:56 (7 months ago)	Probing to gain illegal access	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:46:25 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:46:19.317563 2025] [security2:error] [pid 2825:tid 2825] [client 104.207.39.253:16461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.timjbutler.com"] [uri "/.env"] [unique_id "aSQNS-KPXcboH6iyuSzGsAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 22:52:29 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-09 03:58:35 (7 months ago)	2025-11-09T05:58:34.816434+02:00 zanati wp(www.sahpa.co.za)[2250683]: Blocked authentication attempt ... show more 2025-11-09T05:58:34.816434+02:00 zanati wp(www.sahpa.co.za)[2250683]: Blocked authentication attempt for [email protected] from 104.207.39.253 ... show less	Web App Attack
🇵🇱 sefinek.net	2025-11-08 17:29:44 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 sefinek.net	2025-10-29 18:55:31 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇦 wil.com	2025-10-18 01:54:34 (8 months ago)	GlobalProtect login attempts with user jmarchuletta.	VPN IP Brute-Force

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇿 78.44.192.210

🇹🇼 198.235.24.92

🇸🇬 194.5.82.142

🇨🇳 223.64.118.144

🇧🇷 205.210.31.174

🇧🇪 198.235.24.229

🇳🇱 89.21.67.148

🇺🇸 72.10.32.138

🇳🇱 45.153.34.186

🇬🇧 172.69.224.173

🇳🇱 167.172.42.229

🇦🇪 152.32.181.108

🇭🇰 128.1.132.220

🇺🇸 207.90.244.13

🇯🇵 203.25.124.179

🇯🇵 203.25.124.151

🇮🇶 188.72.10.37

🇧🇷 177.200.113.152

🇷🇺 165.154.179.62

🇧🇷 164.163.24.11