JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.216

104.207.36.216 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.216

Whois 104.207.36.216

IP Abuse Reports for 104.207.36.216:

This IP address has been reported a total of 136 times from 20 distinct sources. 104.207.36.216 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 06:12:14 (2 weeks ago)	Brute force	Brute-Force
🇲🇹 Malta	2025-12-31 13:33:50 (5 months ago)	104.207.36.216 - - [31/Dec/2025:14:33:50 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT ... show more 104.207.36.216 - - [31/Dec/2025:14:33:50 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Hacking Web App Attack
Anonymous	2025-12-12 13:31:34 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 06:10:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:09:57.750619 2025] [security2:error] [pid 9053:tid 9053] [client 104.207.36.216:18007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agri-stor.totalstorage.solutions"] [uri "/.git/HEAD"] [unique_id "aSVINT2WkK0SvPC545W2ZQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:08:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:08:19.283908 2025] [security2:error] [pid 22205:tid 22205] [client 104.207.36.216:26147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.tnthandy.com"] [uri "/.env"] [unique_id "aSU5w69hwNgWXu6-OrFsCAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:44:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:43:59.326099 2025] [security2:error] [pid 25647:tid 25647] [client 104.207.36.216:41197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.stefchild.com"] [uri "/.git/HEAD"] [unique_id "aSU0DzrbfgVb3cIt-Hp-KwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:54:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:54:01.589543 2025] [security2:error] [pid 11260:tid 11260] [client 104.207.36.216:44563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.donnysimonton.com"] [uri "/.svn/wc.db"] [unique_id "aSUoWXTTYLYZs5o98tpEPwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:55:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:55:43.319727 2025] [security2:error] [pid 8715:tid 8715] [client 104.207.36.216:39461] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.davidfiss.com"] [uri "/.svn/wc.db"] [unique_id "aSUar22kX72fyFAK3ZkxAQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:29:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:29:42.970798 2025] [security2:error] [pid 14216:tid 14216] [client 104.207.36.216:41063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texasbordertours.com.worldchat.global"] [uri "/.env"] [unique_id "aSUUli3sEJuieemfIPZC1AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:37:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:37:42.127189 2025] [security2:error] [pid 1647141:tid 1647211] [client 104.207.36.216:12703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.poeticdialogues.com"] [uri "/.svn/wc.db"] [unique_id "aSUIZtffCdpZ5cNrCNdVpgAAAUY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:42:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:42:21.073891 2025] [security2:error] [pid 24617:tid 24617] [client 104.207.36.216:23241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lancehancock.com"] [uri "/.svn/wc.db"] [unique_id "aST7bdDH6W6n07zGBWT-8QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:01:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:01:25.579354 2025] [security2:error] [pid 28104:tid 28104] [client 104.207.36.216:12477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.colodist.com"] [uri "/.env"] [unique_id "aSTx1U5HdUHLrAK9BHEYygAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:41:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:40:39.879518 2025] [security2:error] [pid 3434:tid 3434] [client 104.207.36.216:46995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.desertrosedoves.com"] [uri "/.git/HEAD"] [unique_id "aSPv15BRKARUd3sLxHJ3zgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:21:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:21:07.993886 2025] [security2:error] [pid 983:tid 983] [client 104.207.36.216:53287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pensbybruno.com"] [uri "/.git/HEAD"] [unique_id "aSPrQzu0HkymyGKOwIGyzwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-11-21 16:34:29 (6 months ago)	Form spam	Web Spam

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 2.57.121.112

🇬🇧 193.163.125.174

🇷🇺 193.143.1.66

🇺🇸 192.3.64.210

🇧🇴 190.181.27.27

🇮🇸 89.147.110.252

🇩🇪 69.5.169.158

🇺🇸 54.144.235.51

🇫🇷 51.75.141.245

🇸🇬 47.128.61.21

🇮🇩 182.9.34.46

🇮🇳 152.52.246.94

🇷🇴 109.166.132.187

🇭🇰 58.152.42.174

🇮🇳 49.207.243.158

🇺🇸 47.251.93.227

🇰🇷 222.112.12.140

🇺🇸 216.218.206.69

🇳🇱 192.253.248.169

🇺🇸 192.169.201.223