JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.37.96

104.207.37.96 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.37.96

Whois 104.207.37.96

IP Abuse Reports for 104.207.37.96:

This IP address has been reported a total of 144 times from 14 distinct sources. 104.207.37.96 was first reported on June 5th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (5 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 05:51:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:50:56.019764 2025] [security2:error] [pid 24775:tid 24775] [client 104.207.37.96:14557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kaibeth.com"] [uri "/.env"] [unique_id "aSVDwLDiihzXlND-eDNTFQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:07:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:07:05.566735 2025] [security2:error] [pid 18806:tid 18806] [client 104.207.37.96:11689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bickleton.org"] [uri "/.svn/wc.db"] [unique_id "aSUrad0fkjcvs_GkxuTWvgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:51:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:51:17.917244 2025] [security2:error] [pid 7212:tid 7212] [client 104.207.37.96:48699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.businesscardclocks.com"] [uri "/.env"] [unique_id "aSUZpV_xRmN9DOKu99BsrwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:36:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:36:11.228287 2025] [security2:error] [pid 1757:tid 1757] [client 104.207.37.96:45691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jonathanwilson.me"] [uri "/.svn/wc.db"] [unique_id "aSUWG6C_1gwUPkEcjrwmYgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:31:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:31:52.302769 2025] [security2:error] [pid 7326:tid 7538] [client 104.207.37.96:31743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.condomanagement360.com"] [uri "/.git/HEAD"] [unique_id "aSUHCNNUaJ5dFUuoaTx04AAAANg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:46:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:46:23.326534 2025] [security2:error] [pid 30682:tid 30682] [client 104.207.37.96:17239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.gnquivers.com"] [uri "/.env"] [unique_id "aST8X1Bw9LTPM2dzCtkZGQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:35:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:35:25.409764 2025] [security2:error] [pid 21106:tid 21106] [client 104.207.37.96:31563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mariettacaseyclub.org"] [uri "/.git/HEAD"] [unique_id "aSQm3SekjAHmcf4pGMDZYwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:57:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:57:40.678591 2025] [security2:error] [pid 2470:tid 2470] [client 104.207.37.96:19973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ecrecorp.com"] [uri "/.env"] [unique_id "aSQeBOtpUEJJ8D3fw0JU6gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:15:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:45.318773 2025] [security2:error] [pid 1465:tid 1465] [client 104.207.37.96:22711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.qcyprus.com"] [uri "/.git/HEAD"] [unique_id "aSQUMRNm9g44fueMgiiJWwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:10:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.37.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:10:47.433610 2025] [security2:error] [pid 3936761:tid 3936785] [client 104.207.37.96:35963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.piazzala.com"] [uri "/.svn/wc.db"] [unique_id "aSPMt5aEILTbzkyZeOLaxwAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 04:58:18 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 08:48:16 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-17 12:21:26 (8 months ago)	GlobalProtect login attempts with user ejetter.	VPN IP Brute-Force
Anonymous	2025-10-14 18:38:22 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.14 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2620:171:be:f002:9999::241

🇬🇧 2a06:4880:6000::77

🇺🇸 162.216.149.60

🇺🇸 129.146.243.24

🇯🇴 94.249.48.190

🇫🇷 91.196.152.187

🇨🇦 85.217.149.43

🇨🇦 85.217.149.41

🇮🇷 78.38.20.249

🇺🇸 4.157.90.161

🇰🇷 221.153.50.115

🇷🇺 213.5.109.4

🇺🇸 138.197.113.62

🇮🇳 122.170.98.139

🇭🇰 101.36.122.139

🇺🇸 98.88.19.20

🇦🇹 94.228.163.232

🇬🇧 87.106.44.172

🇮🇳 64.227.151.51

🇺🇸 20.84.145.61