JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.138

104.207.37.138 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.138

Whois 104.207.37.138

IP Abuse Reports for 104.207.37.138:

This IP address has been reported a total of 153 times from 17 distinct sources. 104.207.37.138 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-01-17 23:00:00 (4 months ago)	Auto-ban: >3000 req/min op 2026-01-17	Hacking Web App Attack SSH
🇩🇪 paissangroup	2026-01-04 10:56:39 (5 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:45 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇦🇺 MAGIC	2025-12-01 01:24:11 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 10:48:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:48:52.050450 2025] [security2:error] [pid 8874:tid 8874] [client 104.207.37.138:38375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.peterjohnsonauthor.com"] [uri "/.env"] [unique_id "aSbbFEJsO4RjrSms9WC1QAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:41:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:41:21.335740 2025] [security2:error] [pid 5472:tid 5472] [client 104.207.37.138:21553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thecollective.org"] [uri "/.env"] [unique_id "aSaTAeyTUtJkj5lOzXRzegAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:58:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:58:51.323901 2025] [security2:error] [pid 20981:tid 20981] [client 104.207.37.138:27913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.afdfurniture.com"] [uri "/.env"] [unique_id "aSZs61YZEWLAhVWLqSLyawAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:24:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:24:34.937380 2025] [security2:error] [pid 8922:tid 8922] [client 104.207.37.138:60585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.puckerbuttbikini.com"] [uri "/.git/HEAD"] [unique_id "aSVLoj9msFX35L1fTx7j_wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:43:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:43:40.003610 2025] [security2:error] [pid 27699:tid 27699] [client 104.207.37.138:49701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.mexicanfriedicecream.com"] [uri "/.svn/wc.db"] [unique_id "aSUz_OWGSmR4jxTcwop-8QAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:14:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:14:42.142606 2025] [security2:error] [pid 8491:tid 8491] [client 104.207.37.138:58363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.18mstudio.com"] [uri "/.env"] [unique_id "aSUtMhD4u3ka8PofqjymKgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:49:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:49:06.109931 2025] [security2:error] [pid 1049:tid 1049] [client 104.207.37.138:19403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.decisionsciencevideos.com"] [uri "/.svn/wc.db"] [unique_id "aSUnMsfQPJMODS_E_Br-VQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:25:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:25:11.324413 2025] [security2:error] [pid 671420:tid 671420] [client 104.207.37.138:20055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.abakada.net"] [uri "/.git/HEAD"] [unique_id "aSUTh0MuIcGxDxdbUOaeRwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:08:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:08:36.247430 2025] [security2:error] [pid 28774:tid 28774] [client 104.207.37.138:35947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kirkrmartin.com"] [uri "/.git/HEAD"] [unique_id "aSUBlJ3xuStrTO4vaO2VnAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 00:15:47 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:14:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:14:01.754325 2025] [security2:error] [pid 20345:tid 20345] [client 104.207.37.138:10005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.digitaltom.com"] [uri "/.env"] [unique_id "aST0ySJX7F-JjuStuxKRNQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 193.37.32.201

🇮🇳 115.96.79.15

🇻🇳 115.78.226.174

🇺🇸 64.94.159.230

🇭🇰 8.217.90.245

🇬🇧 2a06:4880:c000::e2

🇬🇧 2a06:4880:c000::dd

🇧🇷 177.189.68.208

🇺🇸 172.98.33.57

🇻🇳 171.231.196.49

🇰🇷 115.86.73.98

🇷🇺 89.19.193.252

🇺🇸 45.33.12.214

🇷🇴 2.57.121.112

🇵🇱 213.92.220.103

🇲🇩 185.162.141.34

🇱🇦 183.182.121.143

🇺🇸 178.156.253.13

🇨🇳 120.193.201.162

🇨🇳 115.200.235.178