JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.232

104.207.36.232 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 21%: ?

21%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.232

Whois 104.207.36.232

IP Abuse Reports for 104.207.36.232:

This IP address has been reported a total of 157 times from 21 distinct sources. 104.207.36.232 was first reported on June 11th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 10:10:25 (3 days ago)	[da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide ... show more [da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=25 \| /wp-login.php show less	Hacking Web App Attack
🇲🇹 Malta	2026-05-31 06:18:33 (5 days ago)	104.207.36.232 - - [31/May/2026:08:18:33 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.36.232 - - [31/May/2026:08:18:33 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-05-28 02:59:05 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇫🇮 as211431.net	2026-03-16 01:47:19 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-13 13:18:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:18:29.924210 2026] [security2:error] [pid 3029:tid 3029] [client 104.207.36.232:43565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lawrencehale.net"] [uri "/backup/.git/config"] [unique_id "aY8kpedy7yhRShoWLFfLLgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:00:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:00:25.308265 2026] [security2:error] [pid 24799:tid 24799] [client 104.207.36.232:55535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mightyhoop.com"] [uri "/.env.production"] [unique_id "aY8gaUmuXOcbKANAjj588gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:12:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:12:13.223893 2026] [security2:error] [pid 3633:tid 3633] [client 104.207.36.232:14667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medpact.net"] [uri "/site/.git/config"] [unique_id "aY7OzSj8BU4CcyFPYaza-gAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:10:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:10:08.131172 2026] [security2:error] [pid 2713555:tid 2713555] [client 104.207.36.232:50615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcefa.org"] [uri "/.env.staging"] [unique_id "aY7AQI2HVano4WeORXWjggAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:18:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:18:41.287164 2026] [security2:error] [pid 31582:tid 31582] [client 104.207.36.232:48897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matteozacchino.dev"] [uri "/test/.git/config"] [unique_id "aY60MSVS84-2-nEO6rZMGQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:54:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:54:20.720668 2026] [security2:error] [pid 5490:tid 5490] [client 104.207.36.232:44131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masterfulenlighteningfreestudies.org"] [uri "/.env"] [unique_id "aY6ufONYYIfkNnqaEGxehgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:34:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:34:04.210906 2026] [security2:error] [pid 1774691:tid 1774713] [client 104.207.36.232:20201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "managementconsultantcertification.com"] [uri "/wp/.git/config"] [unique_id "aY6NnHVNotX2_xvF9oGBEwAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:01:24 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 16:39:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:39:52.171622 2026] [security2:error] [pid 23935:tid 23935] [client 104.207.36.232:41757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "connectigramme.com"] [uri "/dev/.git/config"] [unique_id "aY4CWDRzE2ce84XU-qxlfAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-01-28 19:39:42 (4 months ago)	2026-01-28 20:39:42 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 10:46:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:46:00.425403 2025] [security2:error] [pid 26280:tid 26280] [client 104.207.36.232:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "upskirtcrazy.com"] [uri "/.git/HEAD"] [unique_id "aS7DaFRpXs3tcQryJ6Ep3wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.247

🇳🇱 176.65.139.233

🇺🇸 147.185.132.213

🇺🇸 144.31.35.238

🇦🇺 103.208.219.38

🇧🇪 34.156.205.200

🇯🇵 20.78.148.25

🇧🇷 205.210.31.230

🇧🇪 198.235.24.173

🇩🇪 193.124.20.248

🇸🇬 172.217.97.20

🇮🇳 125.19.220.30

🇨🇳 111.162.142.49

🇫🇷 91.231.89.149

🇬🇧 35.203.211.146

🇬🇧 35.203.210.62

🇻🇳 160.30.160.183

🇨🇳 115.231.78.3

🇧🇩 103.86.198.162

🇫🇷 85.204.70.96