JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.104

104.207.36.104 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.104

Whois 104.207.36.104

IP Abuse Reports for 104.207.36.104:

This IP address has been reported a total of 136 times from 13 distinct sources. 104.207.36.104 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-24 10:57:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 05:57:04.238040 2026] [security2:error] [pid 14916:tid 14916] [client 104.207.36.104:45297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vintageamptubes.ink2wear.com"] [uri "/.git/config"] [unique_id "aZ2EAKyCAn7WRSGw_Zb0gQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 03:41:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 22:40:55.232005 2026] [security2:error] [pid 29514:tid 29531] [client 104.207.36.104:58295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gapm.aafm.us"] [uri "/.git/config"] [unique_id "aZ0dx0cW05YGX5vpiEwRhwAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 21:09:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 16:09:40.821046 2026] [security2:error] [pid 427:tid 427] [client 104.207.36.104:57005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backtosleep.backstore.com"] [uri "/.git/config"] [unique_id "aZzCFN1B3Gz_-PYUqdZpgAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:24:37 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇫🇷 vtchost.com	2026-01-12 14:22:08 (4 months ago)	ignoring robots.txt - possible botnet ...	Bad Web Bot Exploited Host
🇺🇸 TPI-Abuse	2025-11-26 11:06:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:05:55.413251 2025] [security2:error] [pid 17754:tid 17754] [client 104.207.36.104:19827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "strippolefitness.michaelward.com"] [uri "/.svn/wc.db"] [unique_id "aSbfEzJ-tw6Rwfb5VCsEiAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:45:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:44:55.625141 2025] [security2:error] [pid 26927:tid 26927] [client 104.207.36.104:11037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.spiritualjourneysinprayerandsong.com"] [uri "/.git/HEAD"] [unique_id "aSah53hc2NVPYpBkccWiogAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 01:01:01 (6 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:21:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:20:52.619592 2025] [security2:error] [pid 15095:tid 15095] [client 104.207.36.104:34001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tieco.salvoni.org"] [uri "/.git/HEAD"] [unique_id "aSZH5AyMkduDlbBTu2YBAwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:53:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:53:13.608339 2025] [security2:error] [pid 30363:tid 30363] [client 104.207.36.104:32925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.americancryonics.org"] [uri "/.svn/wc.db"] [unique_id "aSQc-eIlFu_Y2fz80goKJAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:05:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:05:39.196923 2025] [security2:error] [pid 5284:tid 5284] [client 104.207.36.104:52103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lhhs69.org"] [uri "/.env"] [unique_id "aSP1s0Zowcv8_u3kYd7yxAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-19 18:59:49 (7 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.10.19 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 23:45:49 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-16 19:54:32 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.16 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-15 02:26:12 (7 months ago)	GlobalProtect login attempts with user pupcare.	VPN IP Brute-Force

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 103.159.54.61

🇺🇸 52.153.130.145

🇱🇹 45.227.254.170

🇰🇷 218.149.157.240

🇺🇸 208.87.243.251

🇿🇦 169.239.183.136

🇩🇪 167.99.240.181

🇺🇸 152.32.205.193

🇺🇸 137.184.36.28

🇮🇳 122.169.97.132

🇨🇳 106.74.24.141

🇵🇭 103.36.18.117

🇧🇬 77.76.158.232

🇸🇦 51.211.218.132

🇭🇰 43.155.105.94

🇺🇸 35.221.3.53

🇻🇳 14.191.33.34

🇹🇷 212.64.216.142

🇫🇮 147.185.133.44

🇬🇧 118.193.65.175