JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.68

104.207.37.68 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.68

Whois 104.207.37.68

IP Abuse Reports for 104.207.37.68:

This IP address has been reported a total of 147 times from 23 distinct sources. 104.207.37.68 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-25 10:59:12 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 nowyouknow	2026-03-03 12:45:08 (3 months ago)	(From [email protected]) No experience is necessary and full training is provided. But before you ... show more (From [email protected]) No experience is necessary and full training is provided. But before you apply, you need to see which role you’re best suited for. Go here to take the Writing Job Quiz. ---> http://PaidToWrite.Online/ Once you finish the quiz, you’ll get a breakdown of the best opportunities available for you right now. Visit -----> http://PaidToWrite.Online/ show less	Phishing Web Spam
🇳🇱 i-turnradio.nl	2026-02-15 01:11:30 (3 months ago)	2026-02-15 02:11:30 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:43:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:43:18.044316 2026] [security2:error] [pid 2787223:tid 2787223] [client 104.207.37.68:57611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadek.com"] [uri "/site/.git/config"] [unique_id "aY8qdo9KrdGSw5A3q18wbwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:19:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:19:17.899334 2026] [security2:error] [pid 19059:tid 19059] [client 104.207.37.68:49855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mezensen.com"] [uri "/.env.local"] [unique_id "aY7slctskY3x5MR560XNFgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:34:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:33:55.941103 2026] [security2:error] [pid 11196:tid 11258] [client 104.207.37.68:31913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meanmouse.com"] [uri "/.env"] [unique_id "aY7F097KeYqtRgptiKG1WgAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 06:05:15 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇩🇪 SCHAPPY	2026-02-13 03:38:03 (3 months ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:30:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:30:42.885358 2026] [security2:error] [pid 1774691:tid 1774697] [client 104.207.37.68:45705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magusincognito.com"] [uri "/dev/.git/config"] [unique_id "aY5-wnVNotX2_xvF9oFUIgAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:01:20 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 20:14:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:14:02.164195 2026] [security2:error] [pid 18997:tid 18997] [client 104.207.37.68:22909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glencottagemusic.com"] [uri "/.git/config"] [unique_id "aY40iiY6pFDSiPbz_s0QAQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 18:04:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:03:57.355512 2026] [security2:error] [pid 11758:tid 11758] [client 104.207.37.68:48339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drainpoultry.com"] [uri "/.env"] [unique_id "aY4WDXpkVA2CJhxpIEBnAwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:34:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:34:39.531578 2026] [security2:error] [pid 4811:tid 4871] [client 104.207.37.68:45527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desert-automotive.com"] [uri "/.env"] [unique_id "aY4PL0VFAXWK2xoN-82SlAAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:18:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:18:34.829779 2026] [security2:error] [pid 10293:tid 10293] [client 104.207.37.68:38485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darvintyne.com"] [uri "/.env"] [unique_id "aY4LajJLL6E5fUOssEMxNAAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 22:49:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:48:57.377541 2026] [security2:error] [pid 7571:tid 7672] [client 104.207.37.68:58665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "funerariafernandez.net"] [uri "/.env"] [unique_id "aYu12S8VVeRU79rq22ajDwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.206.182.201

🇵🇱 188.122.27.175

🇮🇶 185.187.205.167

🇺🇸 167.88.167.212

🇪🇨 157.100.120.84

🇨🇳 116.205.133.97

🇺🇸 75.127.15.105

🇸🇬 47.84.108.87

🇸🇬 47.79.15.35

🇻🇳 27.79.44.206

🇺🇸 13.217.227.148

🇩🇪 8.211.43.10

🇳🇱 5.255.118.168

🇺🇸 2607:f8b0:4002:c2c::126

🇻🇳 171.243.149.218

🇮🇳 152.52.243.58

🇭🇰 152.32.187.177

🇭🇰 152.32.172.177

🇰🇷 121.183.76.63

🇸🇬 104.194.154.210