JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.198

104.207.37.198 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.198

Whois 104.207.37.198

IP Abuse Reports for 104.207.37.198:

This IP address has been reported a total of 135 times from 16 distinct sources. 104.207.37.198 was first reported on June 22nd 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 07:57:14 (2 weeks ago)	Brute force	Brute-Force
🇨🇳 ThreatBook.io	2026-04-17 23:19:07 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.37.198 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.37.198 2026-04-17 22:22:11 /down/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇨🇳 ThreatBook.io	2026-03-17 23:07:38 (2 months ago)	ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/104.207.37.19 ... show more ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/104.207.37.198 2026-03-17 18:00:41 /video/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 11:12:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 06:12:42.660473 2026] [security2:error] [pid 16127:tid 16127] [client 104.207.37.198:64195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scanlanlaserdesign.nashes.net"] [uri "/.git/config"] [unique_id "aZ2Hqpn9ZMQ6EGTVwAn6KAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Rosh	2026-02-24 10:20:50 (3 months ago)	[02/24/26 11:20:50] Unauthorized request HTTP/1.1 404 on port 80	Hacking Web App Attack
🇨🇳 ThreatBook.io	2026-01-07 23:37:33 (4 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.37.198 2 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.37.198 2026-01-07 09:21:37 /druid/index.html show less	Web App Attack
Anonymous	2025-12-10 21:48:48 (5 months ago)	botnet	DDoS Attack
🇮🇹 main.ows	2025-11-25 19:04:29 (6 months ago)	[25/Nov/2025:20:04:28.869698 +0100] aSX9vCbYDtoMMsrvJ6eAFgAAAAo 104.207.37.198 55258 217.61.13.167 7 ... show more [25/Nov/2025:20:04:28.869698 +0100] aSX9vCbYDtoMMsrvJ6eAFgAAAAo 104.207.37.198 55258 217.61.13.167 7080 ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:59:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:59:30.597075 2025] [security2:error] [pid 9962:tid 9962] [client 104.207.37.198:40123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.numeralla.com"] [uri "/.env"] [unique_id "aSUposB43eKoioT9hFJhXAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:21:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:21:11.501214 2025] [security2:error] [pid 7335:tid 7335] [client 104.207.37.198:48737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.androglicksman.com"] [uri "/.env"] [unique_id "aST2d6IO4Sm06Llt7rTUFAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:01:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:01:12.012395 2025] [security2:error] [pid 13651:tid 13651] [client 104.207.37.198:12811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.promoadvocate.com"] [uri "/.svn/wc.db"] [unique_id "aSTxyG3OFJJGTbmA67PnxAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 07:50:11 (6 months ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:47:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:47:38.262803 2025] [security2:error] [pid 22341:tid 22341] [client 104.207.37.198:34487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.daveroozendaal.com"] [uri "/.svn/wc.db"] [unique_id "aSP_isqO9llslSAw1vGb5QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:17:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:17:35.584387 2025] [security2:error] [pid 26700:tid 26700] [client 104.207.37.198:36203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.perron.org"] [uri "/.git/HEAD"] [unique_id "aSP4f9yRD8CoEZEtm9SOcAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 dtorrer	2025-10-29 23:06:50 (7 months ago)	Brute-force general attack.	Brute-Force

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a01:4ff:f4:b4f4::1

🇮🇩 163.7.4.169

🇳🇱 45.148.10.147

🇭🇰 42.200.78.166

🇽🇰 185.190.132.245

🇧🇷 185.100.215.213

🇨🇳 180.76.146.178

🇨🇳 112.29.103.86

🇺🇸 74.249.178.154

🇳🇱 45.148.10.151

🇳🇱 45.148.10.141

🇺🇸 13.58.146.4

🇨🇦 198.50.202.93

🇺🇸 185.238.231.178

🇬🇧 185.216.145.186

🇮🇳 182.95.122.110

🇺🇸 162.216.150.236

🇮🇳 139.59.4.137

🇨🇳 117.14.157.62

🇺🇸 107.23.250.61