JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.148

104.207.37.148 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.148

Whois 104.207.37.148

IP Abuse Reports for 104.207.37.148:

This IP address has been reported a total of 137 times from 17 distinct sources. 104.207.37.148 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-12 08:24:58 (1 month ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇫🇷 conseilgouz	2026-02-27 09:58:56 (3 months ago)	upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=artic ... show more upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=article&id=312%27%29%3BSELECT%20PG_SLEEP%285%29--&cat...(') show less	Hacking
🇳🇱 homeshowdomain.nl	2026-02-09 22:59:24 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-09	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-09 21:17:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:17:15.675442 2026] [security2:error] [pid 19781:tid 19781] [client 104.207.37.148:10377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garagemensministry.org"] [uri "/.env.production"] [unique_id "aYpO20oMNOHP1RjcqH257gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 16:41:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 11:41:07.532615 2026] [security2:error] [pid 15965:tid 15965] [client 104.207.37.148:42961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuegolounge813.com"] [uri "/backend/.env"] [unique_id "aYoOIy9GRunwoJVD5G3vgwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:57:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:57:23.647955 2026] [security2:error] [pid 26161:tid 26161] [client 104.207.37.148:44295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingworkingcapital.com"] [uri "/frontend/.env"] [unique_id "aYnZs5aDp-eNAV-pA_AuBAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:45:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:45:44.646679 2026] [security2:error] [pid 1065:tid 1065] [client 104.207.37.148:24899] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuzzyecho.com"] [uri "/api/.env"] [unique_id "aYmQqG3u-5M0F-wgw0Hc4wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 05:44:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 00:44:21.823199 2026] [security2:error] [pid 14018:tid 14018] [client 104.207.37.148:15583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "funkerecords.com"] [uri "/.env.staging"] [unique_id "aYl0NdduSUhxMauJY9WETAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 23:36:12 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 18:36:03.120281 2026] [security2:error] [pid 18750:tid 18750] [client 104.207.37.148:34785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/api/.git/config"] [unique_id "aYkd42K7KCbIUflKgR7wOgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-20 21:48:13 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-20 18:21:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 13:21:35.395306 2026] [security2:error] [pid 22092:tid 22092] [client 104.207.37.148:18927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drillworkscr.com"] [uri "/.svn/wc.db"] [unique_id "aW_Hr94P9IQYvL2BN3qqdAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-14 12:04:33 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-26 09:40:45 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-13 23:34:16 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-17 03:03:39 (8 months ago)	GlobalProtect login attempts with user jvcorona.	VPN IP Brute-Force

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 172.70.247.206

🇩🇪 164.92.226.73

🇨🇳 27.150.188.148

🇨🇳 220.197.85.106

🇺🇸 206.221.176.60

🇻🇳 183.81.17.187

🇵🇰 175.107.214.147

🇺🇸 174.175.175.175

🇺🇸 151.247.22.154

🇩🇪 134.209.229.23

🇮🇩 103.86.116.186

🇧🇬 91.191.209.118

🇳🇱 62.238.195.91

🇨🇳 49.235.136.28

🇯🇵 47.74.52.155

🇨🇳 42.194.181.182

🇧🇪 34.79.51.218

🇬🇧 5.226.140.28

🇮🇪 3.253.69.28

🇪🇹 196.189.237.172