JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.252

104.207.36.252 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.252

Whois 104.207.36.252

IP Abuse Reports for 104.207.36.252:

This IP address has been reported a total of 146 times from 14 distinct sources. 104.207.36.252 was first reported on June 21st 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-04-06 22:26:27 (2 months ago)	Form spam	Web Spam
🇺🇸 interbiznw.com	2026-04-04 15:46:57 (2 months ago)	wordpress-fuzzing	Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2025-12-14 06:29:29 (5 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 07:25:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:25:33.318552 2025] [security2:error] [pid 1642:tid 1642] [client 104.207.36.252:21127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.johneiden.com"] [uri "/.env"] [unique_id "aSVZ7aePeeQVVBHfJL1jgwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:40:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:40:21.507903 2025] [security2:error] [pid 16278:tid 16278] [client 104.207.36.252:26473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.jeanlouisdarville.com"] [uri "/.svn/wc.db"] [unique_id "aSVPVeVfvUAWfmF7QDtO0QAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:16:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:16:03.824435 2025] [security2:error] [pid 5520:tid 5520] [client 104.207.36.252:44507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ocmtx.org"] [uri "/.env"] [unique_id "aSVJozrxwcB8xVImnpsfzQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:30:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:30:09.464234 2025] [security2:error] [pid 5668:tid 5668] [client 104.207.36.252:24363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cavells.org"] [uri "/.env"] [unique_id "aSU-4aTk__PJDgdS0HaKBwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:50:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:50:47.042169 2025] [security2:error] [pid 7855:tid 7855] [client 104.207.36.252:42363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kqdemo.homehealth101.com"] [uri "/.git/HEAD"] [unique_id "aSU1p__-YvtwMFChklMpEQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:59:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:59:32.701110 2025] [security2:error] [pid 15820:tid 15820] [client 104.207.36.252:30089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.celiaconaway.com"] [uri "/.git/HEAD"] [unique_id "aSUppDufTdCiU04tBkmSzgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:31:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:31:40.694294 2025] [security2:error] [pid 735509:tid 735509] [client 104.207.36.252:9117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.smogsandiego.com"] [uri "/.svn/wc.db"] [unique_id "aSUjHO_W5rcSOHEK5seyFAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:27:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:27:52.185194 2025] [security2:error] [pid 6406:tid 6406] [client 104.207.36.252:47607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.greybird.cc"] [uri "/.svn/wc.db"] [unique_id "aSUUKBxN52rwU4EP7uM6mAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:08:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:08:08.390718 2025] [security2:error] [pid 24688:tid 24688] [client 104.207.36.252:29453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tantrona.osmansirel.com"] [uri "/.env"] [unique_id "aSUPiOIh0N9S-Y3Uvpmi8QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:36:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:36:50.080991 2025] [security2:error] [pid 13987:tid 13987] [client 104.207.36.252:39319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mgmlawnservice.buffaloweddingdeejay.com"] [uri "/.svn/wc.db"] [unique_id "aSUIMq6b8Q8RewCHWKtGrQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:46:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:45:47.265884 2025] [security2:error] [pid 1028:tid 1028] [client 104.207.36.252:48369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.bioterrorismbooks.info"] [uri "/.env"] [unique_id "aST8O4QtI3dALaDKwDSiSQAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 34.48.120.33

🇱🇻 212.3.197.12

🇳🇱 178.62.213.188

🇳🇱 91.92.243.20

🇩🇪 78.111.67.242

🇫🇮 46.62.225.25

🇨🇱 34.176.79.8

🇭🇰 154.198.42.71

🇮🇳 103.69.200.225

🇦🇷 45.184.229.84

🇳🇱 45.86.200.4

🇺🇸 2604:a940:300:5b6:0:29::

🇰🇷 220.86.176.134

🇮🇳 172.232.121.109

🇭🇰 139.198.113.29

🇨🇳 124.234.198.184

🇰🇷 101.36.114.124

🇳🇱 64.89.162.49

🇧🇷 45.205.1.5

🇮🇩 34.50.114.154