JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.153

104.207.37.153 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.153

Whois 104.207.37.153

IP Abuse Reports for 104.207.37.153:

This IP address has been reported a total of 140 times from 16 distinct sources. 104.207.37.153 was first reported on June 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 fbarela	2026-01-25 04:01:24 (4 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:01 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-14 20:55:36 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-07 12:47:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:47:02.182636 2025] [security2:error] [pid 14301:tid 14301] [client 104.207.37.153:57331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "copanmaya.org"] [uri "/.env"] [unique_id "aTV3RmYvKGfeRAAa9c3zLQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Little Iguana	2025-12-07 09:40:24 (6 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇵🇱 sefinek.net	2025-12-06 19:45:34 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-06 03:03:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 22:03:30.503737 2025] [security2:error] [pid 1921:tid 1921] [client 104.207.37.153:39559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "freerein.info"] [uri "/.svn/wc.db"] [unique_id "aTOdAl3Aa_z_SWU5TslvvgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:15:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:15:51.231921 2025] [security2:error] [pid 17501:tid 17501] [client 104.207.37.153:11959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.xirination.com"] [uri "/.git/HEAD"] [unique_id "aSQiRxAGxVWsmBS15JWHOwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:40:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:40:18.996344 2025] [security2:error] [pid 32419:tid 32419] [client 104.207.37.153:11281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.vtwins.us"] [uri "/.env"] [unique_id "aSQZ8lT1oKUOm3H46NY4ugAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:54:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:53:59.508257 2025] [security2:error] [pid 2251:tid 2251] [client 104.207.37.153:17827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bridalshowernapkins.com"] [uri "/.env"] [unique_id "aSQPF8GxBKq1X4kCCSD7SAAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:29:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:50.567484 2025] [security2:error] [pid 27415:tid 27415] [client 104.207.37.153:23811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thrudheim.org"] [uri "/.git/HEAD"] [unique_id "aSP7XpA1AtAXbP2CJF3n-QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Little Iguana	2025-11-24 06:14:12 (6 months ago)	Attempt to hack Wordpress Login, XMLRPC or other login	Hacking
🇺🇸 TPI-Abuse	2025-11-24 06:00:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:00:10.408579 2025] [security2:error] [pid 9137:tid 9137] [client 104.207.37.153:19367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.puckerbottombikini.com"] [uri "/.svn/wc.db"] [unique_id "aSP0ah5Vd1m6DHhfDkrgigAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:13:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:13:52.882002 2025] [security2:error] [pid 3922:tid 3922] [client 104.207.37.153:60401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tolenaar.com"] [uri "/.env"] [unique_id "aSPbgA-8s5I5CYLzwOUxrAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-29 04:44:15 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.166.206.135

🇮🇳 103.25.47.94

🇸🇨 41.86.34.139

🇬🇧 35.203.211.218

🇨🇳 222.88.189.183

🇺🇸 205.210.31.104

🇷🇴 193.46.255.86

🇦🇴 102.213.34.99

🇱🇹 45.227.254.170

🇺🇸 44.175.227.202

🇺🇸 34.162.251.154

🇺🇸 216.244.66.231

🇧🇴 192.223.121.182

🇬🇾 190.80.51.38

🇬🇧 185.53.211.215

🇦🇷 170.210.136.58

🇰🇷 118.37.214.187

🇭🇰 118.26.36.248

🇩🇪 69.5.169.126

🇨🇳 60.220.241.50