JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.209

104.207.36.209 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.209

Whois 104.207.36.209

IP Abuse Reports for 104.207.36.209:

This IP address has been reported a total of 158 times from 28 distinct sources. 104.207.36.209 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 05:02:59 (3 weeks ago)	Brute force	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-18 02:57:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:57:07.235697 2026] [security2:error] [pid 29950:tid 29971] [client 104.207.36.209:10993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "retrieversocal.com"] [uri "/app/.git/config"] [unique_id "aZUqgwBJI9CjriAaS11QAgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:53:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:52:58.602951 2026] [security2:error] [pid 19568:tid 19568] [client 104.207.36.209:18081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pavlounis.com"] [uri "/config/.env"] [unique_id "aZUNaol5B_G3gYMiuXk6lQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-05 04:36:46 (4 months ago)	wordpress-trap	Web App Attack
🇬🇧 relianoid.com	2026-02-03 19:59:11 (4 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇪🇸 10dencehispahard SL	2026-01-26 07:25:22 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇦🇺 MAGIC	2026-01-10 03:15:21 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇪 cmbplf	2025-12-14 04:03:01 (5 months ago)	3.480 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
Anonymous	2025-12-06 19:11:31 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 07:22:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:22:16.291462 2025] [security2:error] [pid 14508:tid 14508] [client 104.207.36.209:19883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.londonconsulting.info"] [uri "/.svn/wc.db"] [unique_id "aSVZKIArMY0OunMWm7C9AwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:02:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:02:21.139509 2025] [security2:error] [pid 1817000:tid 1817028] [client 104.207.36.209:27973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ace-es.com"] [uri "/.env"] [unique_id "aSUqTZiXM9qjzOaPIgQfKwAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:19:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:19:19.774400 2025] [security2:error] [pid 8194:tid 8194] [client 104.207.36.209:28211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ifi.gabosoftware.com"] [uri "/.git/HEAD"] [unique_id "aSUgN9CNFe-zkHfHu_el_AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:58:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:58:16.874717 2025] [security2:error] [pid 703355:tid 703355] [client 104.207.36.209:33325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.grandpont-house.org"] [uri "/.env"] [unique_id "aSUbSBad1KAHFlhCywe1lQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:49:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:49:47.227124 2025] [security2:error] [pid 8517:tid 8517] [client 104.207.36.209:59183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.look-on.com"] [uri "/.svn/wc.db"] [unique_id "aSULO0iTFqwfPAVKK8nmZwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 190.43.154.73

🇨🇦 178.93.201.34

🇺🇸 174.35.25.179

🇺🇸 172.202.117.124

🇨🇳 140.246.137.102

🇮🇩 103.191.14.210

🇳🇱 52.174.67.71

🇨🇳 36.103.204.54

🇻🇳 27.72.21.134

🇬🇧 2a02:4780:a:490:0:3129:ee4f:1

🇫🇷 143.244.57.118

🇺🇸 134.209.115.65

🇮🇳 117.200.81.111

🇨🇳 113.251.71.190

🇰🇷 106.246.224.218

🇬🇧 89.37.172.141

🇧🇬 79.124.40.174

🇮🇳 72.62.224.195

🇺🇸 44.201.146.118

🇰🇷 220.118.173.234