JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.168

104.207.37.168 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.168

Whois 104.207.37.168

IP Abuse Reports for 104.207.37.168:

This IP address has been reported a total of 142 times from 19 distinct sources. 104.207.37.168 was first reported on June 5th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-16 02:33:57 (5 days ago)	Web App Attack	Web App Attack
🇩🇪 Hazzard	2026-05-21 19:58:55 (4 weeks ago)	(wordpress) Failed wordpress login from 104.207.37.168 (US/United States/Virginia/Ashburn/-/[redacte ... show more (wordpress) Failed wordpress login from 104.207.37.168 (US/United States/Virginia/Ashburn/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇱🇻 garmtech.com	2026-05-15 13:15:23 (1 month ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇮🇹 VHosting	2026-02-18 22:16:48 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-09 21:45:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:45:47.470626 2026] [security2:error] [pid 10275:tid 10275] [client 104.207.37.168:48029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garyandthegroove.com"] [uri "/admin/.env"] [unique_id "aYpVizT3IYZ12yilwYBxKQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:08:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:08:04.879565 2026] [security2:error] [pid 1024:tid 1024] [client 104.207.37.168:24771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galengetting.com"] [uri "/api/.env"] [unique_id "aYo-pLPHqxPWB7KzjuPh5AAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:57:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:57:35.895888 2026] [security2:error] [pid 19548:tid 19548] [client 104.207.37.168:63487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furballaudio.com"] [uri "/.env"] [unique_id "aYogD9GMRauVvNHjSYF3BgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:48:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:48:16.280243 2026] [security2:error] [pid 19649:tid 19649] [client 104.207.37.168:15163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingangelinvestors.com"] [uri "/dev/.git/config"] [unique_id "aYnXkGRGvvrc5alUvh-rewAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:25:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:25:30.573411 2026] [security2:error] [pid 19338:tid 19417] [client 104.207.37.168:10069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamecrazy.us"] [uri "/.env"] [unique_id "aYnSOoWE2kxo01YgpUqDhAAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 12:01:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:01:27.711356 2026] [security2:error] [pid 18706:tid 18706] [client 104.207.37.168:60887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galysh.us"] [uri "/wp/.git/config"] [unique_id "aYnMl4WtXK9-28oDdcmkkQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:56:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:56:25.338535 2026] [security2:error] [pid 6133:tid 6133] [client 104.207.37.168:44527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gainow.net"] [uri "/.git/config"] [unique_id "aYm9Wc2D6lvspwOODW0-vQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:54:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:54:06.926778 2026] [security2:error] [pid 1824799:tid 1824799] [client 104.207.37.168:49121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fvsllc.com"] [uri "/test/.git/config"] [unique_id "aYmSnngbS6RN0EqSjggnrQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 04:38:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 23:38:05.277733 2026] [security2:error] [pid 12201:tid 12201] [client 104.207.37.168:10591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fullyevil.com"] [uri "/api/.env"] [unique_id "aYlkrS0MIQyaR0zwB4ABWQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-30 11:53:07 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-11 06:03:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 01:03:25.284148 2025] [security2:error] [pid 16798:tid 16798] [client 104.207.37.168:14437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jazzclubla.com"] [uri "/.env"] [unique_id "aTperUWR0ghfKbHpocEDRgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 180.93.43.225

🇳🇱 89.19.216.194

🇺🇸 20.127.244.67

🇷🇴 2.57.121.112

🇲🇴 182.93.7.194

🇺🇸 52.167.144.193

🇺🇸 45.156.129.80

🇨🇭 20.250.145.94

🇺🇸 3.87.27.156

🇨🇳 182.43.76.120

🇩🇪 167.94.146.41

🇨🇳 124.228.34.69

🇷🇴 94.156.152.50

🇨🇳 42.249.228.42

🇳🇱 160.119.71.129

🇳🇱 45.156.87.117

🇪🇬 41.196.44.113

🇨🇳 223.109.252.147

🇯🇵 207.148.107.123

🇸🇬 193.37.32.70