JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.141

104.207.37.141 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.141

Whois 104.207.37.141

IP Abuse Reports for 104.207.37.141:

This IP address has been reported a total of 140 times from 21 distinct sources. 104.207.37.141 was first reported on June 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-11 20:38:34 (3 weeks ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇸🇪 Juha Jurvanen	2026-05-11 12:07:23 (3 weeks ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
Anonymous	2026-04-27 20:18:57 (1 month ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 xmission.com	2026-04-20 14:03:22 (1 month ago)	Blocked by UFW (TCP on 80) Source port: 33329 TTL: 48 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 33329 TTL: 48 Packet length: 60 TOS: 0x08 This report (for 104.207.37.141) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 iNetWorker	2026-03-02 20:55:36 (3 months ago)	trolling for resource vulnerabilities	Web App Attack
🇮🇹 VHosting	2026-02-18 22:11:29 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (5 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 02:32:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:32:37.769556 2025] [security2:error] [pid 28352:tid 28352] [client 104.207.37.141:45531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jrqdesign.com"] [uri "/.git/HEAD"] [unique_id "aSUVRRw32YyiK1DD-JqUHAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:13:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:13:32.572325 2025] [security2:error] [pid 32149:tid 32149] [client 104.207.37.141:40393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cuetzpalin.com"] [uri "/.svn/wc.db"] [unique_id "aSUQzJtnERJxPbNp36pl-AAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:58:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:57:54.823865 2025] [security2:error] [pid 1748:tid 1748] [client 104.207.37.141:38843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.losbarbarosdelnorte.com"] [uri "/.env"] [unique_id "aST_Egd3wAxciMezbKpGxwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:17:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:17:17.766903 2025] [security2:error] [pid 3594:tid 3594] [client 104.207.37.141:9683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wintercypher.com"] [uri "/.git/HEAD"] [unique_id "aST1jZI-D4lT7J__oa3dIgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:15:02 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-07 20:19:48 (6 months ago)		Bad Web Bot Web App Attack
Anonymous	2025-11-01 21:02:11 (7 months ago)	[redacted] 104.207.37.141 - - [01/Nov/2025:22:01:57 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" " ... show more [redacted] 104.207.37.141 - - [01/Nov/2025:22:01:57 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.1 Safari/605.1.15" [redacted] 104.207.37.141 - - [01/Nov/2025:22:01:58 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8) Gecko/20051111 Firefox/1.5" [redacted] 104.207.37.141 - - [01/Nov/2025:22:02:00 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36" [redacted] 104.207.37.141 - - [01/Nov/2025:22:02:01 +0100] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25" [redacted] 104.207.37.141 - - [01/Nov/2025:22:02:02 +01 ... show less	Hacking Web App Attack
🇧🇪 voormedia	2025-10-31 08:58:29 (7 months ago)	Accessed trap at '/wp-login.php'	Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇹 152.53.3.237

🇺🇸 151.241.127.224

🇧🇩 45.120.115.150

🇨🇦 20.151.116.141

🇳🇱 195.178.110.26

🇺🇸 38.132.109.100

🇧🇷 200.142.119.114

🇬🇧 193.163.125.71

🇧🇷 177.174.89.99

🇧🇷 177.74.188.179

🇺🇸 162.216.149.93

🇮🇳 103.91.246.73

🇫🇷 80.241.220.242

🇷🇴 79.119.61.147

🇺🇸 67.203.58.233

🇮🇹 45.84.168.19

🇭🇰 156.239.224.79

🇸🇬 74.91.224.229

🇺🇸 52.180.137.70

🇺🇸 3.144.109.211