JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.240

104.207.36.240 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 32%: ?

32%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.240

Whois 104.207.36.240

IP Abuse Reports for 104.207.36.240:

This IP address has been reported a total of 143 times from 23 distinct sources. 104.207.36.240 was first reported on June 8th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:06:57 (2 days ago)	Abuse Detected (3)	Brute-Force Web App Attack
🇸🇮 administrator	2026-06-02 22:18:25 (4 days ago)	2026-06-02 00:11:13,170 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.36.240 2 ... show more 2026-06-02 00:11:13,170 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.36.240 2026-06-02 00:11:13,170 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.36.240 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇨🇭 backslash	2026-05-27 05:21:00 (1 week ago)	block ruleset 6A1105329D233F6F53B9B61CE056BD4DAAE75AB4	Web Spam
🇦🇺 oncord	2026-05-26 20:17:37 (1 week ago)	Form spam	Web Spam
🇪🇸 librebit	2026-05-17 08:26:12 (2 weeks ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-05-13 23:57:57 (3 weeks ago)	Brute force	Brute-Force
🇸🇮 administrator	2026-05-04 17:04:42 (1 month ago)	2026-04-14 15:12:10,648 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.36.240 2 ... show more 2026-04-14 15:12:10,648 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.36.240 2026-04-14 15:12:10,648 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.36.240 2026-04-14 15:12:10,648 fail2ban.actions [1104]: NOTICE [ninjafirewall] Ban 104.207.36.240 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:28:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:28:02.212634 2026] [security2:error] [pid 5385:tid 5389] [client 104.207.36.240:24143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrowsinthequiver.com"] [uri "/wp/.git/config"] [unique_id "aY06stCWWZ-q9Opg4d0QNQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:24:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:24:19.210682 2026] [security2:error] [pid 21284:tid 21288] [client 104.207.36.240:32165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mailporte.com"] [uri "/backup/.git/config"] [unique_id "aYrPE9Y6KMvFGUOw8wVWFwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:44:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:43:59.573230 2026] [security2:error] [pid 9084:tid 9084] [client 104.207.36.240:18307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "klingandi.com"] [uri "/admin/.git/config"] [unique_id "aYq3j5F-_guLy4k9pYn6LgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-10 04:31:20 (3 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-10 02:16:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:16:23.401784 2026] [security2:error] [pid 14092:tid 14092] [client 104.207.36.240:58183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killeramps.com"] [uri "/frontend/.env"] [unique_id "aYqU96yemnc9AC-_NRASuAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:11:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:10:37.599033 2026] [security2:error] [pid 1663:tid 1663] [client 104.207.36.240:30701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hppagewidetampa.com"] [uri "/.env.local"] [unique_id "aYppbTzvzTKJNdXNKVEUKAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:55:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:55:37.320290 2025] [security2:error] [pid 2834:tid 2834] [client 104.207.36.240:47547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ozkanturker.com"] [uri "/.svn/wc.db"] [unique_id "aSbquWG9lVdVPtwOFLxVOQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:15:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:15:28.705589 2025] [security2:error] [pid 16933:tid 16952] [client 104.207.36.240:28009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rpiusa.net"] [uri "/.env"] [unique_id "aSaM8G__nRv550N5ZrlB_QAAAU8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.26

🇳🇱 45.148.10.230

🇨🇳 210.13.84.84

🇳🇱 188.166.27.115

🇲🇰 188.44.20.33

🇩🇪 172.217.33.212

🇩🇪 93.253.62.236

🇺🇸 20.65.194.84

🇷🇴 2.57.122.177

🇬🇧 194.50.235.158

🇨🇳 42.180.4.166

🇺🇸 172.245.102.2

🇺🇸 67.207.84.8

🇺🇸 2607:f8b0:4001:c24::12e

🇮🇳 2404:6800:4000:100e::125

🇳🇱 85.121.127.139

🇺🇸 66.132.172.234

🇨🇳 60.220.241.50

🇷🇴 2.57.121.25

🇩🇪 213.209.159.225