JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.219

104.207.36.219 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.219

Whois 104.207.36.219

IP Abuse Reports for 104.207.36.219:

This IP address has been reported a total of 174 times from 28 distinct sources. 104.207.36.219 was first reported on June 5th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:55:18 (4 days ago)	Web App Attack	Web App Attack
🇺🇸 MPL	2026-06-22 20:47:59 (5 days ago)	tcp/80 (11 or more attempts)	Port Scan
🇩🇪 anycast_ac	2026-06-17 19:34:12 (1 week ago)	[DDoS Attacker] This IP was attacking website anycast.ac and sent 263 requests on port 443	DDoS Attack Web App Attack
🇫🇷 MatStef132	2026-05-19 21:11:03 (1 month ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:17 (1 month ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-14 21:32:36 (1 month ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
Anonymous	2026-04-16 19:40:46 (2 months ago)	Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ... show more Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-04-16 02:09:21 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-09.104.207.36.219.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-09.104.207.36.219.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇵🇱 sefinek.net	2026-03-29 03:46:18 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-19 05:21:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:21:48.913152 2026] [security2:error] [pid 19345:tid 19345] [client 104.207.36.219:39177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristencorley.com"] [uri "/frontend/.env"] [unique_id "aZad7CEmPrn2S3uy96Y0JAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 01:55:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:55:54.287594 2026] [security2:error] [pid 5866:tid 5866] [client 104.207.36.219:10003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karsini-services.com"] [uri "/backend/.env"] [unique_id "aZZtqqDLCNb7CQJs18GepAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:02:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:02:03.370696 2026] [security2:error] [pid 21012:tid 21012] [client 104.207.36.219:41725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerallenyim.com"] [uri "/admin/.env"] [unique_id "aZYMqwZ8Y-_3bc6SRTtxPAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:08:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:08:10.290695 2026] [security2:error] [pid 4755:tid 4755] [client 104.207.36.219:47655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "waxjet510.com"] [uri "/admin/.env"] [unique_id "aZWrqvFMKsIHzg8K06CH0QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:46:15.730026 2026] [security2:error] [pid 18779:tid 18779] [client 104.207.36.219:33793] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterjhoodco.com"] [uri "/v2/.git/config"] [unique_id "aZWmh_iKiK97sQJ9Zfj_2gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 chronos	2026-01-02 21:30:18 (5 months ago)	[AUTORAVALT][[02/01/2026 - 18:30:17 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104. ... show more [AUTORAVALT][[02/01/2026 - 18:30:17 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104.207.36.219] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various oth] ... show less	Hacking Web App Attack

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 203.212.9.221

🇳🇱 176.65.148.215

🇨🇳 124.66.76.222

🇮🇩 103.97.101.25

🇸🇬 103.13.207.88

🇨🇳 60.19.32.124

🇨🇳 59.52.176.145

🇨🇳 182.116.79.243

🇳🇱 161.35.144.87

🇮🇩 103.185.53.93

🇪🇸 88.21.21.240

🇰🇷 20.249.12.26

🇩🇰 193.181.213.174

🇸🇬 165.232.165.183

🇩🇪 164.90.181.84

🇮🇳 124.253.100.217

🇮🇳 116.73.240.74

🇻🇳 103.98.152.181

🇩🇪 64.226.107.125

🇳🇱 45.148.10.240