JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.239

104.207.37.239 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.239

Whois 104.207.37.239

IP Abuse Reports for 104.207.37.239:

This IP address has been reported a total of 148 times from 23 distinct sources. 104.207.37.239 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-05-31 20:05:52 (2 weeks ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇫🇷 tecnicorioja	2026-05-15 22:00:11 (1 month ago)	wp-login attack [15/May/2026:20:52:14	Brute-Force Web App Attack
🇩🇪 Reinhard	2026-04-29 11:30:46 (1 month ago)	Unknown activity, but too many attacks with too many users.	Hacking
🇮🇹 Rosh	2026-03-21 14:20:40 (2 months ago)	[03/21/26 15:20:40] 1 attack: /wp-login.php (severity 10);	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 03:26:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 22:26:34.340070 2026] [security2:error] [pid 23085:tid 23085] [client 104.207.37.239:61355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artbytracyjane.com"] [uri "/api/.git/config"] [unique_id "aY1Iaqst29hyn9Zj9DfYbQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:53:09 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.local (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.local] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 17:43:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:43:10.877559 2026] [security2:error] [pid 7510:tid 7510] [client 104.207.37.239:46989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1st-advantage-arkansas-real-estate-school.com"] [uri "/.env"] [unique_id "aYtuLtvkKwAZWwfUfKs4twAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:09:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:09:40.855715 2026] [security2:error] [pid 2442:tid 2442] [client 104.207.37.239:14479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinhung.com"] [uri "/.git/config"] [unique_id "aYqhdNx7l-TLHS9PPa02ugAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:14:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:14:35.413579 2026] [security2:error] [pid 17737:tid 17737] [client 104.207.37.239:51925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotglassgallery.com"] [uri "/wp/.git/config"] [unique_id "aYpcS2Fb9Hccbdt9eHm7IQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:08:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:08:03.237653 2026] [security2:error] [pid 22917:tid 22917] [client 104.207.37.239:35489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenbernsteinlaw.com"] [uri "/.env.staging"] [unique_id "aYpMs0VJ2l3K2GQWWfirUAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇫🇷 ingroscart.it	2026-01-04 11:55:38 (5 months ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 104.207.37.239 (US/U ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 104.207.37.239 (US/United States/-) show less	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:48 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇩🇪 stinpriza	2025-12-29 10:30:06 (5 months ago)	Web App Attack	Web App Attack
🇨🇦 SSH-Admin	2025-12-27 22:05:38 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 187.41.72.247

🇳🇱 176.65.139.181

🇨🇳 120.48.151.153

🇺🇸 107.172.102.182

🇨🇳 106.75.144.232

🇳🇱 45.148.10.157

🇮🇹 4.232.80.255

🇩🇪 213.209.159.226

🇺🇸 207.90.244.20

🇧🇷 186.206.2.149

🇹🇭 152.32.247.54

🇨🇳 123.184.59.71

🇨🇳 116.132.29.142

🇮🇹 37.179.95.72

🇭🇰 199.45.154.140

🇺🇸 195.184.76.35

🇵🇰 113.203.193.106

🇬🇧 89.37.172.148

🇷🇴 80.94.92.171

🇳🇱 45.148.10.152