JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.228

104.207.36.228 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.228

Whois 104.207.36.228

IP Abuse Reports for 104.207.36.228:

This IP address has been reported a total of 141 times from 23 distinct sources. 104.207.36.228 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-04 12:43:56 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-04-27 02:23:09 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 octageeks.com	2026-04-16 04:07:54 (2 months ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇱🇻 garmtech.com	2026-03-18 17:35:54 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-35.104.207.36.228.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-35.104.207.36.228.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2026-03-15 00:07:43 (3 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-02-21 15:51:20 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇳🇱 jjnxpct	2026-02-19 04:49:55 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /site/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Web App Attack Hacking
Anonymous	2026-02-19 01:36:49 (4 months ago)	PSCSERV WPSCAN 104.207.36.228	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:33:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:33:46.853360 2026] [security2:error] [pid 15996:tid 15996] [client 104.207.36.228:20083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhitedfamily.com"] [uri "/frontend/.env"] [unique_id "aZYGCuzs_-U_LHIyCyJv8wAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 18:05:56 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:13:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:13:50.154740 2026] [security2:error] [pid 28182:tid 28182] [client 104.207.36.228:32129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wies.name"] [uri "/app/.env"] [unique_id "aZW7DjpVTK5ZmkG6IPEfcQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:21:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:21:20.236787 2026] [security2:error] [pid 25816:tid 25816] [client 104.207.36.228:16659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weavergroup.us"] [uri "/app/.git/config"] [unique_id "aZWuwC6kk6sWfzDxfbGIuAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:06:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:06:08.464988 2026] [security2:error] [pid 16982:tid 16982] [client 104.207.36.228:51679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watongalodging.com"] [uri "/.git/config"] [unique_id "aZWrMIzcOTZkyMJhWHPK-wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-11 02:46:31 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-46.104.207.36.228.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-46.104.207.36.228.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:52 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.190.65.14

🇺🇸 165.154.163.112

🇧🇩 103.171.69.70

🇰🇿 92.47.46.174

🇺🇸 66.132.172.221

🇺🇸 45.79.98.252

🇧🇪 35.205.51.242

🇺🇸 35.169.206.177

🇲🇦 81.192.46.29

🇬🇧 35.203.210.133

🇻🇪 200.71.154.142

🇺🇸 107.150.99.178

🇸🇪 78.66.45.101

🇺🇸 64.62.197.13

🇫🇷 51.68.34.131

🇩🇪 46.249.101.161

🇧🇷 43.164.192.40

🇺🇸 40.124.186.157

🇺🇸 35.245.189.125

🇩🇪 185.242.3.226