JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.167

104.207.36.167 was found in our database!

This IP was reported 152 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.167

Whois 104.207.36.167

IP Abuse Reports for 104.207.36.167:

This IP address has been reported a total of 152 times from 28 distinct sources. 104.207.36.167 was first reported on June 7th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 04:30:28 (3 weeks ago)	Brute force	Brute-Force
🇳🇱 jjnxpct	2026-02-16 04:55:00 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /dev/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
Anonymous	2026-02-15 13:18:40 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:06:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:06:20.058576 2026] [security2:error] [pid 32705:tid 32705] [client 104.207.36.167:37627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otrantocapital.com"] [uri "/admin/.git/config"] [unique_id "aZGorLdrD4hSFbWz1d5jPQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-15 10:56:25 (3 months ago)	. Matched phrase "/.env" at REQUEST_URI. (210492-123)	Web App Attack
🇩🇪 XICTRON	2026-02-15 06:45:07 (3 months ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇫🇷 dynamix	2026-02-15 06:28:52 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:27:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:27:15.792824 2026] [security2:error] [pid 10213:tid 10213] [client 104.207.36.167:25175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scothorn.net"] [uri "/.env.staging"] [unique_id "aZFnQ79YiRXCx-voCa6JdwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-02-15 05:58:36 (3 months ago)	Accessed trap at '/.git/config'	Web App Attack
🇨🇭 Origon	2026-02-15 05:54:43 (3 months ago)	http-sensitive-files - IP: 104.207.36.167 - time="2026-02-15T06:54:43+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.36.167 - time="2026-02-15T06:54:43+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.36.167 (US/200373) : 4h ban on Ip 104.207.36.167" module=db show less	Web App Attack
🇷🇴 INTEQ	2026-02-15 05:52:57 (3 months ago)	Web attack from 104.207.36.167	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:21:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:21:47.568924 2026] [security2:error] [pid 314087:tid 314108] [client 104.207.36.167:41477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "officialseniorworldgolfranking.com"] [uri "/v2/.git/config"] [unique_id "aZFX6-YxiADdM-D-ZqVlcQAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:02:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:02:42.558738 2026] [security2:error] [pid 820789:tid 820789] [client 104.207.36.167:13067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "poulsoncustomhomes.com"] [uri "/.env.production"] [unique_id "aZFFYgRX4ghBunyR4pJ4uwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:15:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:15:36.022362 2026] [security2:error] [pid 6271:tid 6271] [client 104.207.36.167:64653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "saboun.com"] [uri "/.env"] [unique_id "aZE6WEmu9_IUa0iou2kOXwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:54:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:54:26.335574 2026] [security2:error] [pid 32707:tid 32707] [client 104.207.36.167:51491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nigunensemble.net"] [uri "/.env.local"] [unique_id "aZE1YgDYORPpHwI7dAiwUAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 152 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 186.233.184.67

🇩🇪 176.65.132.39

🇺🇿 144.124.192.107

🇰🇷 125.184.221.55

🇨🇳 123.119.26.33

🇺🇸 107.172.196.8

🇺🇸 104.21.11.124

🇻🇳 103.205.98.76

🇰🇪 102.213.48.46

🇮🇹 91.80.195.60

🇮🇪 63.33.207.210

🇨🇳 220.181.51.118

🇨🇳 162.14.81.106

🇬🇧 161.35.169.21

🇳🇱 155.117.6.32

🇮🇳 125.19.179.18

🇨🇳 123.189.203.202

🇺🇸 34.86.223.151

🇺🇸 20.163.32.168

🇺🇸 207.241.173.38