JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.125

104.207.36.125 was found in our database!

This IP was reported 172 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.125

Whois 104.207.36.125

IP Abuse Reports for 104.207.36.125:

This IP address has been reported a total of 172 times from 22 distinct sources. 104.207.36.125 was first reported on June 20th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-11 11:20:19 (6 days ago)	Web App Attack	Web App Attack
🇫🇷 masterguru	2026-04-06 01:02:58 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.125 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.125 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇱🇻 garmtech.com	2026-03-20 18:27:23 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-03-13 00:49:26 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2026-03-13 00:49:18 (3 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:56:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:56:51.787326 2026] [security2:error] [pid 21024:tid 21024] [client 104.207.36.125:59181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnen.org"] [uri "/site/.git/config"] [unique_id "aZaKA0d4vtyrvrPIPoHCzQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:37:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:37:36.454200 2026] [security2:error] [pid 23163:tid 23163] [client 104.207.36.125:10683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/api/.git/config"] [unique_id "aZaFgNBjUpG0ZBKtxJwPTgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:32:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:32:37.046356 2026] [security2:error] [pid 29082:tid 29082] [client 104.207.36.125:41651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kcmastercleaners.com"] [uri "/.env.save"] [unique_id "aZZ2RfECs4VakqKL9sO5qwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:29:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:29:50.509030 2026] [security2:error] [pid 14119:tid 14137] [client 104.207.36.125:19613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kandooo.com"] [uri "/backup/.git/config"] [unique_id "aZZnjs7LbDS5IjHn1_w90gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:18:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:18:15.388405 2026] [security2:error] [pid 6322:tid 6322] [client 104.207.36.125:18147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vmbinc.com"] [uri "/.env.production"] [unique_id "aZZWxxW6kzDGc-_Lqfb-WAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-18 22:51:04 (3 months ago)	Bot / scanning and/or hacking attempts: GET /wp/.git/config HTTP/1.1, GET /dev/.git/config HTTP/1.1, ... show more Bot / scanning and/or hacking attempts: GET /wp/.git/config HTTP/1.1, GET /dev/.git/config HTTP/1.1, GET /config/.env HTTP/1.1, GET /.env.local HTTP/1.1, GET /api/.git/config HTTP/1.1, GET /backend/.env HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /.git/config HTTP/1.1, GET /app/.git/config HTTP/1.1, GET /site/.git/config HTTP/1.1, GET /admin/.git/config HTTP/1.1, GET /v2/.git/config HTTP/1.1, GET /test/.git/config HTTP/1.1, GET /backup/.git/config HTTP/1.1, GET /new/.git/config HTTP/1.1, GET /frontend/.env HTTP/1.1 show less	Hacking Web App Attack
🇫🇷 dynamix	2026-02-18 20:04:58 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:55:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:55:37.288949 2026] [security2:error] [pid 11235:tid 11235] [client 104.207.36.125:57793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tianabes.com"] [uri "/.env.local"] [unique_id "aZYLKarjLYq4jzgpdD5LfwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 14:41:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 09:41:34.379411 2026] [security2:error] [pid 27224:tid 27224] [client 104.207.36.125:17363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xmlprotocol.com"] [uri "/.env.local"] [unique_id "aZXPnkM-JhFlDNY7FZ1rRAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:34:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:34:35.895998 2026] [security2:error] [pid 2095571:tid 2095571] [client 104.207.36.125:22823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wisewerks.com"] [uri "/test/.git/config"] [unique_id "aZW_6zRD3wnmHHWsGW6Y8QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 172 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.212.224

🇭🇰 114.111.53.214

🇳🇱 91.92.40.14

🇮🇷 79.127.66.250

🇺🇸 45.33.84.28

🇺🇸 20.42.108.100

🇯🇵 8.216.9.20

🇺🇸 184.52.36.167

🇺🇸 172.252.13.90

🇺🇸 158.51.96.38

🇷🇴 141.98.83.240

🇫🇷 91.196.152.3

🇺🇸 45.79.214.23

🇬🇧 35.203.210.235

🇬🇧 35.203.210.6

🇻🇳 14.189.28.195

🇻🇳 14.179.0.214

🇨🇳 14.116.184.171

🇩🇪 213.209.159.56

🇨🇳 180.167.207.234