JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.57

104.207.37.57 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.57

Whois 104.207.37.57

IP Abuse Reports for 104.207.37.57:

This IP address has been reported a total of 136 times from 17 distinct sources. 104.207.37.57 was first reported on June 5th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 myagent.site	2026-01-15 08:41:31 (4 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-11-26 09:31:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:31:43.466258 2025] [security2:error] [pid 31216:tid 31216] [client 104.207.37.57:30531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.adirondackwaterfront.com"] [uri "/.env"] [unique_id "aSbI_xeXO1Cs4z-kgQVHfwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:12:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:12:17.819952 2025] [security2:error] [pid 27354:tid 27354] [client 104.207.37.57:47117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.superzilla.com"] [uri "/.env"] [unique_id "aSbEcURZiJUXnvvmc6RLzQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:27:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:27:44.797415 2025] [security2:error] [pid 25121:tid 25121] [client 104.207.37.57:11859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.freedomforcefive.com"] [uri "/.svn/wc.db"] [unique_id "aSad4IVodyfWZA_s4xlkjwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:28:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:28:50.440023 2025] [security2:error] [pid 26253:tid 26253] [client 104.207.37.57:30279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.boat-board.com"] [uri "/.env"] [unique_id "aSaQEuB-z_d0tJZQKCksawAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:09:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:09:26.897825 2025] [security2:error] [pid 1398:tid 1398] [client 104.207.37.57:13001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.brigittecavanagh.com"] [uri "/.git/HEAD"] [unique_id "aSZvZofImDdmNhfpMsgLiwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:32:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:32:46.811026 2025] [security2:error] [pid 11180:tid 11180] [client 104.207.37.57:23201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bonvivantorganics.com"] [uri "/.svn/wc.db"] [unique_id "aSZmzo1hKc8VpKCNNeWzVgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:06:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:06:19.790179 2025] [security2:error] [pid 2266:tid 2266] [client 104.207.37.57:30889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxtake2.grayhost.net"] [uri "/.svn/wc.db"] [unique_id "aSZSizJEr8tODErpS8UJXQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 22:12:59 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-08 17:36:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 08 12:36:42.933466 2025] [security2:error] [pid 28210:tid 28210] [client 104.207.37.57:45403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.memorylanemovies.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aQ9_quy4weec0ZpSagN24wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-29 10:22:20 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 13:27:29 (7 months ago)	GlobalProtect login attempts with user ztjackson.	VPN IP Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-10-07 17:14:00 (7 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-10-06 23:57:56 (7 months ago)	Attempted brute force login to web vpn 28 time(s); last attempt for 2025.10.06 is noted in report ti ... show more Attempted brute force login to web vpn 28 time(s); last attempt for 2025.10.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-04 03:41:28 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.36.177.74

🇺🇸 107.150.103.249

🇭🇰 103.20.223.56

🇵🇹 87.103.126.54

🇳🇱 45.148.10.147

🇳🇱 45.148.10.67

🇨🇳 14.103.123.16

🇷🇴 2.57.122.177

🇩🇪 151.243.11.35

🇪🇸 143.20.129.157

🇺🇸 136.116.198.170

🇷🇴 92.118.39.205

🇺🇸 43.130.100.35

🇵🇰 39.49.150.46

🇺🇸 205.210.31.58

🇮🇶 185.24.60.245

🇺🇸 147.185.132.214

🇭🇰 139.198.113.29

🇻🇳 113.187.72.69

🇺🇸 104.236.229.227