JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.11

104.207.37.11 was found in our database!

This IP was reported 103 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.11

Whois 104.207.37.11

IP Abuse Reports for 104.207.37.11:

This IP address has been reported a total of 103 times from 22 distinct sources. 104.207.37.11 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:52 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-11-25 06:50:02 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:46:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:46:23.304582 2025] [security2:error] [pid 11817:tid 11817] [client 104.207.37.11:26453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.elegantweddinginvitations.com"] [uri "/.git/HEAD"] [unique_id "aSVCr1yjZlEbu1JWtE8L2QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:08:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:08:43.098147 2025] [security2:error] [pid 13757:tid 13835] [client 104.207.37.11:59795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tonyleon.pwrcoupling.com"] [uri "/.git/HEAD"] [unique_id "aSU5272j_Ew1xiyiewweJAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:23:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:23:37.632817 2025] [security2:error] [pid 25397:tid 25397] [client 104.207.37.11:54797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.firstampersand.kathiehazlett.com"] [uri "/.env"] [unique_id "aSUvSQmonWpXzSeB57bhYAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:04:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:04:31.981533 2025] [security2:error] [pid 710842:tid 710842] [client 104.207.37.11:53601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.copiersdurham.com"] [uri "/.env"] [unique_id "aSUcv6s5k42z-r_lHs1n4wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:21:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:21:14.228754 2025] [security2:error] [pid 24130:tid 24130] [client 104.207.37.11:50845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.vollmer.ws"] [uri "/.svn/wc.db"] [unique_id "aSUSmmDz8RZmCFryzbatkgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:44:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:44:31.732838 2025] [security2:error] [pid 5837:tid 5837] [client 104.207.37.11:11433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.luxievintage.com"] [uri "/.git/HEAD"] [unique_id "aST770xwkZ4nkkQDOiA3mQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:09:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:09:32.423764 2025] [security2:error] [pid 10513:tid 10513] [client 104.207.37.11:52255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pages4you.com"] [uri "/.git/HEAD"] [unique_id "aSTzvDdCoejXbm0J5GSgtQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-13 23:36:16 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-08 06:18:37 (7 months ago)	Sending spam-mails via forms/direct PHP Execution/SQL injection from email:[email protected]	Email Spam Bad Web Bot
🇺🇸 fbarela	2025-11-07 23:00:57 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-11-01 15:54:25 (7 months ago)	Attempted brute force login to web vpn 13 time(s); last attempt for 2025.11.01 is noted in report ti ... show more Attempted brute force login to web vpn 13 time(s); last attempt for 2025.11.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-28 03:21:56 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.28 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.28 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 103 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 51.75.64.35

🇮🇩 210.79.142.221

🇧🇴 181.188.187.140

🇯🇵 155.133.7.252

🇨🇳 124.222.137.65

🇮🇷 93.118.98.84

🇺🇸 71.6.134.233

🇱🇹 45.227.254.170

🇨🇳 14.103.115.212

🇩🇪 209.38.210.198

🇺🇸 185.180.141.53

🇺🇸 172.110.223.185

🇭🇰 152.32.174.171

🇺🇸 147.185.132.117

🇰🇷 121.66.63.189

🇮🇳 119.161.96.78

🇫🇷 91.231.89.130

🇵🇸 83.244.79.61

🇷🇴 80.94.92.177

🇺🇸 65.49.1.210