JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.16

104.207.37.16 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.16

Whois 104.207.37.16

IP Abuse Reports for 104.207.37.16:

This IP address has been reported a total of 92 times from 19 distinct sources. 104.207.37.16 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 CDN	2026-03-27 12:42:46 (2 months ago)	Path traversal: 'tab'=>5\	SQL Injection
🇦🇺 MAGIC	2026-02-01 00:08:03 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇱🇻 garmtech.com	2026-01-03 11:14:07 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-14.104.207.37.16.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-14.104.207.37.16.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:52 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 09:47:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:46:57.520515 2025] [security2:error] [pid 1202:tid 1202] [client 104.207.37.16:42565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.michaeltravis.com"] [uri "/.env"] [unique_id "aSQpkbTEe_QXz42d9c5jxwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:43:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:43:23.568076 2025] [security2:error] [pid 1535:tid 1535] [client 104.207.37.16:19393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.avrknives.com"] [uri "/.git/HEAD"] [unique_id "aSQaq3rMWMlehHW3psHEhQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 07:05:20 (6 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:27:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:27:14.085519 2025] [security2:error] [pid 7064:tid 7064] [client 104.207.37.16:12537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aemcmullin.com"] [uri "/.env"] [unique_id "aSPsskxKMozKx0wZn3HxewAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:04:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:04:18.965673 2025] [security2:error] [pid 6533:tid 6533] [client 104.207.37.16:28011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.casademunt.com"] [uri "/.env"] [unique_id "aSPnUvXjm5HYb36V6bhwqgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 06:58:24 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-14 00:04:24 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇭🇺 zolav8	2025-11-10 01:18:30 (6 months ago)	SQL injection / web attack attempt	Hacking SQL Injection
🇺🇸 Psycho Solutions LLC	2025-10-27 01:39:24 (7 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-login.php - User Agent: N/A - Timestamp: 10/27/2025 1:39 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2025-10-26 03:30:58 (7 months ago)	wordpress-trap	Web App Attack
🇺🇸 Psycho Solutions LLC	2025-10-26 03:22:32 (7 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-content/ - User Agent: N/ ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-content/ - User Agent: N/A - Timestamp: 10/26/2025 3:22 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c23::120

🇧🇷 191.53.132.93

🇧🇷 189.90.239.87

🇵🇱 185.105.141.233

🇳🇱 176.65.139.56

🇰🇷 122.35.192.61

🇮🇳 103.237.57.100

🇮🇷 94.101.184.145

🇷🇺 91.215.85.193

🇦🇹 85.255.154.199

🇳🇱 77.174.233.98

🇩🇪 69.5.169.189

🇩🇪 69.5.169.153

🇩🇪 69.5.169.145

🇺🇸 68.64.170.2

🇺🇸 66.132.172.245

🇧🇪 34.156.191.5

🇷🇴 2.57.122.177

🇨🇳 211.159.151.224

🇧🇪 198.235.24.200