JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.37

104.207.57.37 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.37

Whois 104.207.57.37

IP Abuse Reports for 104.207.57.37:

This IP address has been reported a total of 121 times from 10 distinct sources. 104.207.57.37 was first reported on June 4th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-06-12 01:35:04 (5 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 stinpriza	2026-06-11 20:44:01 (5 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 12:05:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:05:51.756408 2025] [security2:error] [pid 20117:tid 20117] [client 104.207.57.37:20361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.harmonyfactor.com"] [uri "/.git/HEAD"] [unique_id "aSbtH16k4GOAbcY5-ylragAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:45:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:45:05.476013 2025] [security2:error] [pid 20863:tid 20863] [client 104.207.57.37:28327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lakesidedigital.com"] [uri "/.env"] [unique_id "aSbaMZjDbjy03qcNEGYriQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 09:05:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:05:53.151389 2025] [security2:error] [pid 9607:tid 9694] [client 104.207.57.37:60853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.prismatik.com"] [uri "/.env"] [unique_id "aSbC8fkDcg6wFbLmNJ00dQAAAhY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:54:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:54:19.004949 2025] [security2:error] [pid 3599211:tid 3599233] [client 104.207.57.37:27413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.killasgarage.bike"] [uri "/.git/HEAD"] [unique_id "aSaWCyWBb6LubLi-gSEULgAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:56:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:56:04.667545 2025] [security2:error] [pid 8415:tid 8415] [client 104.207.57.37:24769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.4realwater.com"] [uri "/.env"] [unique_id "aSaIZL5cH_iwR2jj9oAFDQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:35:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:35:06.568173 2025] [security2:error] [pid 23655:tid 23655] [client 104.207.57.37:52185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.flyinganorak.com.abbeygardensllandudno.com"] [uri "/.git/HEAD"] [unique_id "aSZLOpi1SsJr7mrxEkQk2gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:04:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:04:12.002136 2025] [security2:error] [pid 6836:tid 6836] [client 104.207.57.37:28767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.performingartsguild.com"] [uri "/.env"] [unique_id "aSZD_GPF_Yu6DhB6OJzy5AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:45:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:44:59.219716 2025] [security2:error] [pid 15384:tid 15384] [client 104.207.57.37:55053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.arteseros.com"] [uri "/.svn/wc.db"] [unique_id "aSQM-_dySkm89j99UttTnQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:56:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:56:31.820037 2025] [security2:error] [pid 21242:tid 21242] [client 104.207.57.37:45817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.accredo.net"] [uri "/.svn/wc.db"] [unique_id "aSPlf2xxKw1KAzSmfS8-pAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:37:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:37:53.669983 2025] [security2:error] [pid 788:tid 788] [client 104.207.57.37:38199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.holesandcorners.com"] [uri "/.svn/wc.db"] [unique_id "aSPhIb3gXHMy-Y2cZVEevgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 08:11:22 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 22:35:10 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 15:16:07 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.74.93.184

🇧🇯 137.255.96.57

🇰🇿 128.127.97.226

🇮🇩 125.163.147.78

🇮🇳 120.57.122.226

🇳🇱 45.148.10.121

🇨🇳 27.24.141.111

🇧🇷 138.122.155.161

🇺🇸 67.21.89.42

🇳🇱 45.148.10.152

🇧🇪 34.156.156.52

🇻🇳 27.71.21.70

🇨🇳 27.24.141.160

🇷🇺 5.104.56.117

🇮🇳 2409:40e4:10a6:e580:4dce:1798:1d2:c7eb

🇨🇳 222.219.232.57

🇪🇸 217.154.108.232

🇧🇬 193.24.211.107

🇧🇷 177.2.7.116

🇧🇷 138.219.108.147