JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.8

104.207.39.8 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.8

Whois 104.207.39.8

IP Abuse Reports for 104.207.39.8:

This IP address has been reported a total of 121 times from 26 distinct sources. 104.207.39.8 was first reported on June 7th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:56:14 (1 day ago)	Web App Attack	Web App Attack
🇩🇰 RhQM	2026-06-15 05:20:12 (1 week ago)		Bad Web Bot Exploited Host Web App Attack
🇪🇸 librebit	2026-05-17 05:35:40 (1 month ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-15 00:09:49 (1 month ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 12:01:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:01:23.926809 2026] [security2:error] [pid 9664:tid 9664] [client 104.207.39.8:34181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pamplonaserviciotecnico.com"] [uri "/.env.production"] [unique_id "aZG1kw_VPOByFW7OkMv00QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:28:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:27:59.964800 2026] [security2:error] [pid 18468:tid 18468] [client 104.207.39.8:19559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxygenfarm.com"] [uri "/frontend/.env"] [unique_id "aZGtv6qWEUK66Eszq1OzhwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 11:05:44 (4 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:58:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:58:25.834103 2026] [security2:error] [pid 23840:tid 23840] [client 104.207.39.8:23169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "osmanbozkurt.com"] [uri "/v2/.git/config"] [unique_id "aZGm0f-KFqeRfROMLfstQwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-15 10:56:55 (4 months ago)	. Matched phrase "/.git/" at REQUEST_URI. (210492-123)	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:38:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:38:35.538372 2026] [security2:error] [pid 23287:tid 23322] [client 104.207.39.8:17573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okorganicgardening.org"] [uri "/.env.local"] [unique_id "aZFb246jtjP5LgwlR2nXsgAAAcE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:10:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:09:54.696443 2026] [security2:error] [pid 12415:tid 12415] [client 104.207.39.8:16479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powerkiteforum.com"] [uri "/config/.env"] [unique_id "aZFHEi-1Hm8W1ohXxSIP1wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:52:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:52:00.980266 2026] [security2:error] [pid 30054:tid 30054] [client 104.207.39.8:18005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salazartransfers.com"] [uri "/v2/.git/config"] [unique_id "aZFC4PNbDB6NN4D6RhPXRAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 03:29:43 (4 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 03:24:20 (4 months ago)	Try to access /site/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:05:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:04:56.358795 2026] [security2:error] [pid 19589:tid 19589] [client 104.207.39.8:17301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "niseigroup.com"] [uri "/backup/.git/config"] [unique_id "aZE32I2-oRSONoJR_yCDbgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 212.92.104.232

🇨🇳 182.242.168.129

🇺🇸 135.237.125.174

🇨🇳 223.199.191.253

🇨🇴 181.53.13.67

🇦🇷 181.28.27.213

🇨🇱 179.57.170.71

🇮🇳 122.187.173.98

🇩🇪 51.89.44.65

🇸🇬 47.128.122.134

🇰🇿 185.44.86.53

🇳🇱 176.65.139.36

🇸🇬 165.154.29.93

🇺🇸 91.230.168.186

🇨🇳 39.106.23.166

🇷🇴 2.57.121.112

🇸🇬 2404:6800:4003:c05::129

🇩🇪 178.104.193.132

🇬🇧 167.99.205.142

🇸🇬 167.71.216.208