JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.74

104.207.37.74 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 26%: ?

26%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.74

Whois 104.207.37.74

IP Abuse Reports for 104.207.37.74:

This IP address has been reported a total of 153 times from 25 distinct sources. 104.207.37.74 was first reported on June 11th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-31 13:00:35 (4 days ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇺🇸 dtorrer	2026-05-29 21:36:34 (6 days ago)	Brute-force general attack.	Brute-Force
🇺🇸 lostswordfish.com	2026-05-28 07:00:06 (1 week ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇩🇪 iNetWorker	2026-05-25 22:39:46 (1 week ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-02-22 12:14:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 07:14:43.468292 2026] [security2:error] [pid 22132:tid 22132] [client 104.207.37.74:40517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banis-associates.com"] [uri "/.git/config"] [unique_id "aZrzM7wyNpzEPQnS9nvNLAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 F242	2026-01-30 05:12:31 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2026-01-07 17:51:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 12:51:02.118605 2026] [security2:error] [pid 7466:tid 7466] [client 104.207.37.74:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isimsiz.xyz"] [uri "/.env"] [unique_id "aV6dBgtnnylQOC9ZK-nYpwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-02 18:20:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 13:20:16.323802 2026] [security2:error] [pid 28898:tid 28898] [client 104.207.37.74:50497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nmrising.org.peterlundman.com"] [uri "/.git/HEAD"] [unique_id "aVgMYBBbATI0tH5E-6qzwAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:31:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:31:34.315455 2025] [security2:error] [pid 26880:tid 26880] [client 104.207.37.74:47965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "littlehorneng.com"] [uri "/.env"] [unique_id "aVIgRrBnI8vkhu_DXByhfgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:46:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:46:40.233486 2025] [security2:error] [pid 10347:tid 10347] [client 104.207.37.74:36213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drendels.com"] [uri "/.git/HEAD"] [unique_id "aVIHsAxBoTthwbLDrUwouQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-12-29 04:29:39 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.37.74 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.37.74 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:08:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:08:30.810930 2025] [security2:error] [pid 25837:tid 25837] [client 104.207.37.74:51581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yubagals.com"] [uri "/.svn/wc.db"] [unique_id "aVH-vhoZX4dyAhFeRQpifgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-12 00:32:58 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 17:22:10 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.37.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 12:22:02.203747 2025] [security2:error] [pid 23598:tid 23598] [client 104.207.37.74:45225] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aTcJOqGbNifljokNBCGPwgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-04 12:16:33 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4023:1004::127

🇺🇸 216.59.173.21

🇳🇱 176.65.136.31

🇨🇳 111.198.53.188

🇩🇪 78.111.67.247

🇸🇬 43.163.85.226

🇲🇰 188.44.20.30

🇺🇸 173.255.225.139

🇧🇷 169.150.1.36

🇮🇩 165.99.30.22

🇺🇸 152.32.205.153

🇧🇬 78.128.112.30

🇨🇳 47.95.197.173

🇱🇹 45.227.254.170

🇳🇱 45.148.10.157

🇫🇷 37.58.136.133

🇺🇸 20.168.6.227

🇺🇸 20.102.134.102

🇺🇸 3.224.198.48

🇮🇹 172.253.12.152