JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.163

104.207.36.163 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.163

Whois 104.207.36.163

IP Abuse Reports for 104.207.36.163:

This IP address has been reported a total of 157 times from 17 distinct sources. 104.207.36.163 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇦🇺 oncord	2026-02-18 00:56:01 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-14 04:32:11 (4 months ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-02-13 18:11:11 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-11.104.207.36.163.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 20-11.104.207.36.163.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:50:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:50:20.507979 2026] [security2:error] [pid 25216:tid 25216] [client 104.207.36.163:21723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arkml.com"] [uri "/.env.production"] [unique_id "aY0VvM1gbqAOJ70_7W8UGQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:54:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:54:09.472413 2026] [security2:error] [pid 28674:tid 28674] [client 104.207.36.163:19851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kofcasamblea442.org"] [uri "/api/.env"] [unique_id "aYrIAdGPiKjWQJjI96hw3wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:15:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:15:05.396938 2026] [security2:error] [pid 4095:tid 4095] [client 104.207.36.163:49311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ichi51e.net"] [uri "/site/.git/config"] [unique_id "aYqwyXBhlcHBZb6PaWygwwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-10 01:34:01 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:45:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:45:30.082228 2026] [security2:error] [pid 32478:tid 32478] [client 104.207.36.163:31005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keymarketmedia.com"] [uri "/admin/.git/config"] [unique_id "aYp_qiXPbhtVbvu3BedpXgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-02-09 22:35:32 (4 months ago)	GET [.env]	Port Scan
🇺🇸 TPI-Abuse	2026-02-09 20:53:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:52:57.875874 2026] [security2:error] [pid 32236:tid 32236] [client 104.207.36.163:17751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hooks-n-hearts.com"] [uri "/new/.git/config"] [unique_id "aYpJKZwC6LMZfCk8_SsNPgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:16:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:16:19.741610 2026] [security2:error] [pid 12777:tid 12777] [client 104.207.36.163:11791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hometechllc.com"] [uri "/app/.env"] [unique_id "aYpAk-kiQT9MTKoFzKq32AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-09 04:04:46 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-04.104.207.36.163.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 06-04.104.207.36.163.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 oncord	2026-02-07 01:16:09 (4 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-05 07:10:44 (4 months ago)	Form spam	Web Spam

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 172.253.11.18

🇭🇰 152.32.135.81

🇹🇭 118.193.57.59

🇮🇩 110.35.80.116

🇬🇧 35.203.210.132

🇺🇸 23.234.78.112

🇨🇳 223.100.248.64

🇷🇴 193.46.255.86

🇺🇸 192.3.196.157

🇺🇸 185.226.196.30

🇨🇦 159.89.124.112

🇫🇮 147.185.133.219

🇯🇵 133.125.62.131

🇭🇰 118.193.44.169

🇭🇰 104.253.124.2

🇸🇬 101.47.25.139

🇭🇰 101.36.123.67

🇸🇬 85.203.21.157

🇱🇹 45.227.254.170

🇮🇶 37.238.210.65