JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.103

104.207.37.103 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.103

Whois 104.207.37.103

IP Abuse Reports for 104.207.37.103:

This IP address has been reported a total of 129 times from 18 distinct sources. 104.207.37.103 was first reported on June 8th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-16 16:59:46 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-59.104.207.37.103.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-59.104.207.37.103.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-08 05:27:07 (4 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-27.104.207.37.103.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 08-27.104.207.37.103.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇵🇱 stareradia.pl	2026-04-25 08:56:52 (1 month ago)	[Sat Apr 25 10:56:19.331799 2026] [php:error] [pid 1486916:tid 1486916] [client 104.207.37.103:0] sc ... show more [Sat Apr 25 10:56:19.331799 2026] [php:error] [pid 1486916:tid 1486916] [client 104.207.37.103:0] script '/var/www/html/profile.php' not found or unable to stat, referer: https://forum-trioda.pl/ [Sat Apr 25 10:56:24.435002 2026] [php:error] [pid 1486916:tid 1486916] [client 104.207.37.103:0] script '/var/www/html/profile.php' not found or unable to stat, referer: https://forum-trioda.pl/ [Sat Apr 25 10:56:25.090044 2026] [php:error] [pid 1502446:tid 1502446] [client 104.207.37.103:0] script '/var/www/html/profile.php' not found or unable to stat, referer: https://forum-trioda.pl/ucp.php?mode=register&agreed=true&iscanyesno=yeswecan&step=2&coppa=0 [Sat Apr 25 10:56:51.331617 2026] [php:error] [pid 1477829:tid 1477829] [client 104.207.37.103:0] script '/var/www/html/profile.php' not found or unable to stat, referer: https://forum-trioda.pl/ ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-20 05:15:44 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.37.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.37.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 00:15:38.856880 2026] [security2:error] [pid 14137:tid 14137] [client 104.207.37.103:29565] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|lozzy.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lozzy.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZft-hmvEctmC4oCAa8U2gAAABg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-02-10 13:38:03 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 relianoid.com	2026-02-01 15:55:15 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 Dolutech.com	2026-01-02 17:19:29 (5 months ago)	Bruteforce Attack Detected	Brute-Force
🇦🇺 MAGIC	2025-12-18 02:10:22 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 08:29:50 (6 months ago)	(mod_security) mod_security (id:210740) triggered by 104.207.37.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210740) triggered by 104.207.37.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:29:43.300208 2025] [security2:error] [pid 25685:tid 25685] [client 104.207.37.103:35359] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|studiopilates.net\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "studiopilates.net"] [uri "/contact/scarbook.php"] [unique_id "aS6jd-QblNHy6gDReynVbgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-30 13:33:19 (6 months ago)	botnet	DDoS Attack
🇱🇻 garmtech.com	2025-11-29 05:59:04 (6 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇦🇺 oncord	2025-11-24 06:12:41 (6 months ago)	Form spam	Web Spam
🇵🇱 sefinek.net	2025-11-17 09:33:49 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-14 08:46:40 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇸🇪 KIDOS	2025-11-08 21:21:05 (6 months ago)	malicious activity, botnet	Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.134.156

🇩🇪 130.12.180.153

🇧🇬 79.124.40.174

🇺🇸 66.132.172.204

🇺🇸 20.169.91.107

🇺🇸 216.126.236.108

🇩🇪 209.38.237.233

🇺🇸 195.184.76.80

🇸🇪 193.138.218.204

🇨🇦 178.93.201.198

🇩🇪 167.94.146.52

🇩🇪 167.94.145.27

🇺🇸 156.229.163.164

🇺🇸 147.185.132.216

🇨🇳 139.170.73.14

🇺🇸 109.105.210.53

🇭🇰 103.231.14.54

🇭🇰 103.210.238.204

🇨🇮 102.209.221.188

🇺🇸 66.132.172.39