JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.79

104.207.37.79 was found in our database!

This IP was reported 151 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.79

Whois 104.207.37.79

IP Abuse Reports for 104.207.37.79:

This IP address has been reported a total of 151 times from 19 distinct sources. 104.207.37.79 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-11 08:35:52 (1 day ago)	(mod_security) mod_security (id:900001) triggered by 104.207.37.79: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 104.207.37.79: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 11 11:35:49.113654 2026] [security2:error] [pid 2066679:tid 2066727] [client 104.207.37.79:42991] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: sea-sound.com"] [severity "CRITICAL"] [tag "security"] [hostname "sea-sound.com"] [uri "/wp-login.php"] [unique_id "aipzZe19bB3nUzfQACZjzAAAAZU"], referer: https://sea-sound.com/wp-login.php show less	Port Scan
🇱🇻 garmtech.com	2026-06-10 00:03:02 (2 days ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
Anonymous	2026-06-02 07:00:18 (1 week ago)	[da.kdns.gr] httpd-login-spray-site: sites=trikoilis.com; logs=/var/log/httpd/domains/trikoilis.com. ... show more [da.kdns.gr] httpd-login-spray-site: sites=trikoilis.com; logs=/var/log/httpd/domains/trikoilis.com.log; samples=site_wide=true \| distinct_ips=54 \| /wp-login.php show less	Hacking Web App Attack
Anonymous	2026-05-28 20:06:58 (2 weeks ago)	[server.tmg.gr] httpd-login-spray-site: sites=cardiobridge2023.gr; logs=/var/log/httpd/domains/cardi ... show more [server.tmg.gr] httpd-login-spray-site: sites=cardiobridge2023.gr; logs=/var/log/httpd/domains/cardiobridge2023.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇱🇻 garmtech.com	2026-05-25 15:09:20 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-09.104.207.37.79.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-09.104.207.37.79.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-19 16:45:50 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-45.104.207.37.79.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-45.104.207.37.79.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-09 23:59:07 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-59.104.207.37.79.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-59.104.207.37.79.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-08 06:43:42 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-43.104.207.37.79.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-43.104.207.37.79.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-13 13:26:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:26:13.747103 2026] [security2:error] [pid 19106:tid 19106] [client 104.207.37.79:55347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millcitymakers.com"] [uri "/.env.save"] [unique_id "aY8mdWeddVTzt6KHuX4_vgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:04:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:04:11.880011 2026] [security2:error] [pid 2584399:tid 2584399] [client 104.207.37.79:44291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "memelearning.net"] [uri "/api/.git/config"] [unique_id "aY7a-5HkM-FYDUDMUOS-hAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-02-13 07:05:35 (3 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:34:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:33:56.223576 2026] [security2:error] [pid 3680:tid 3699] [client 104.207.37.79:36161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meanmouse.com"] [uri "/.env.production"] [unique_id "aY7F1DAiE7jPsJJDVnOoSQAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:27:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:27:42.412005 2026] [security2:error] [pid 28926:tid 28926] [client 104.207.37.79:34261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martintommer.com"] [uri "/dev/.git/config"] [unique_id "aY6oPrdVvNzqBb3CrytjBwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:47:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:47:49.384811 2026] [security2:error] [pid 30259:tid 30259] [client 104.207.37.79:36123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mark-et-ing-1llc.com"] [uri "/backup/.git/config"] [unique_id "aY6e5bTjkoiF0GTMKi60jgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 151 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 157.245.44.96

🇺🇸 44.46.40.151

🇺🇸 216.151.130.144

🇻🇪 190.142.97.50

🇨🇳 180.76.174.73

🇬🇧 165.232.111.134

🇬🇧 165.227.239.42

🇩🇪 164.92.161.148

🇨🇳 120.48.104.37

🇳🇱 93.123.109.167

🇷🇴 80.94.92.165

🇮🇷 2.180.171.252

🇷🇴 2.57.121.112

🇹🇷 2a09:bac1:72c0:f00::150:26

🇩🇪 194.164.203.46

🇳🇱 185.223.235.50

🇧🇩 103.138.169.12

🇺🇸 74.7.242.60

🇺🇸 74.7.241.134

🇺🇸 74.7.227.10