JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.21

104.207.36.21 was found in our database!

This IP was reported 113 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.21

Whois 104.207.36.21

IP Abuse Reports for 104.207.36.21:

This IP address has been reported a total of 113 times from 21 distinct sources. 104.207.36.21 was first reported on June 3rd 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 noise.agency	2026-05-27 19:37:30 (2 weeks ago)	(wordpress) Failed wordpress login from 104.207.36.21 (US/United States/-)	Brute-Force
Anonymous	2026-02-15 13:05:39 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:19:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:19:12.592117 2026] [security2:error] [pid 30576:tid 30576] [client 104.207.36.21:38001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualuedata.com"] [uri "/v2/.git/config"] [unique_id "aZG5wMgjh9zlP8AFpuLRaQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:03:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:03:04.412326 2026] [security2:error] [pid 1882593:tid 1882593] [client 104.207.36.21:59651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panacean.us"] [uri "/app/.git/config"] [unique_id "aZG1-LeD1BZpsxZk_F6-RwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:47:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:47:28.540267 2026] [security2:error] [pid 18471:tid 18471] [client 104.207.36.21:18445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paguilar.com"] [uri "/.env"] [unique_id "aZGyUNlcn-z4pmfehh-vGAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 06:06:33 (3 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:47:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:47:48.389819 2026] [security2:error] [pid 13568:tid 13568] [client 104.207.36.21:27281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prodivediving.com"] [uri "/wp/.git/config"] [unique_id "aZFeBGZx9qzeb5mVpIR3DAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:24:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:24:49.099634 2026] [security2:error] [pid 17712:tid 17712] [client 104.207.36.21:20195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "printorganic.com"] [uri "/.env.save"] [unique_id "aZFYoZ4h_R9msa5yJIbgvAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:26:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:26:42.166781 2026] [security2:error] [pid 2167:tid 2204] [client 104.207.36.21:14711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandbarsteve.com"] [uri "/app/.env"] [unique_id "aZFLAiZIRZBCB3DKHleX4wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-02-15 04:03:17 (3 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 104.207.36.21 - - [15/Feb/2026:0 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 104.207.36.21 - - [15/Feb/2026:04:03:15 +0000] GET /admin/.git/config HTTP/1.1 403 235 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:32:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:32:03.914630 2026] [security2:error] [pid 11778:tid 11778] [client 104.207.36.21:28427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "safwalu.com"] [uri "/api/.env"] [unique_id "aZE-M7q8-SoLGW9tl3C0awAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 02:49:37 (3 months ago)	Blocking for trying to access an exploit file: /v2/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-15 02:41:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:41:19.852722 2026] [security2:error] [pid 19592:tid 19592] [client 104.207.36.21:10191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "russellzone.com"] [uri "/.env"] [unique_id "aZEyT5XAs90FqFRuyTeGzgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:08:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:08:36.504627 2026] [security2:error] [pid 18876:tid 18876] [client 104.207.36.21:32701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naturalhomebuilders.com"] [uri "/.git/config"] [unique_id "aZEclH8bfrd5MOfCAyTNNQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:52:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:52:32.837050 2026] [security2:error] [pid 15339:tid 15353] [client 104.207.36.21:11733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robotics4fun.com"] [uri "/new/.git/config"] [unique_id "aZEY0IesDCpeL3FPBPgrfQAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 113 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.104.137.55

🇫🇷 91.196.152.178

🇺🇸 34.174.142.0

🇧🇴 181.188.187.140

🇨🇳 106.13.122.214

🇯🇵 101.36.104.242

🇬🇷 94.67.158.65

🇧🇦 31.223.129.43

🇺🇸 192.111.139.163

🇦🇷 186.148.224.83

🇺🇸 173.244.60.241

🇺🇸 76.79.213.70

🇭🇰 47.86.176.177

🇰🇷 27.100.188.204

🇷🇺 5.129.206.230

🇰🇷 221.164.235.189

🇳🇱 176.65.148.139

🇺🇸 162.217.165.32

🇮🇩 103.101.216.26

🇺🇸 35.150.128.133