JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.29

104.207.36.29 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 26%: ?

26%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.29

Whois 104.207.36.29

IP Abuse Reports for 104.207.36.29:

This IP address has been reported a total of 149 times from 18 distinct sources. 104.207.36.29 was first reported on June 7th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-03 10:50:29 (2 days ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Safari/605.1.15 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 backslash	2026-05-23 05:12:19 (1 week ago)		Bad Web Bot
Anonymous	2026-05-08 17:08:01 (3 weeks ago)	Malicious activity detected	Hacking Web App Attack
🇩🇪 iNetWorker	2026-05-06 13:36:16 (4 weeks ago)	trying to access non-authorized port	Port Scan
🇦🇺 oncord	2026-04-22 00:37:19 (1 month ago)	Form spam	Web Spam
🇦🇺 oncord	2026-04-20 12:10:27 (1 month ago)	Form spam	Web Spam
🇺🇸 nowyouknow	2026-03-03 11:17:30 (3 months ago)	(From [email protected]) No experience is necessary and full training is provided. But before ... show more (From [email protected]) No experience is necessary and full training is provided. But before you apply, you need to see which role you’re best suited for. Go here to take the Writing Job Quiz. ---> http://PaidToWrite.Online/ Once you finish the quiz, you’ll get a breakdown of the best opportunities available for you right now. Visit -----> http://PaidToWrite.Online/ show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2026-02-13 13:44:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:44:29.372220 2026] [security2:error] [pid 27367:tid 27367] [client 104.207.36.29:31589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindheartbreath.com"] [uri "/.env"] [unique_id "aY8qvToF9DeJKHDoe35GBgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:11:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:11:13.924845 2026] [security2:error] [pid 3225:tid 3225] [client 104.207.36.29:61061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikelynchphoto.com"] [uri "/admin/.git/config"] [unique_id "aY8i8e5ZVQTOChL9JEQWZwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:01:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:01:21.762090 2026] [security2:error] [pid 11823:tid 11823] [client 104.207.36.29:16891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manvsfoodlocations.com"] [uri "/api/.env"] [unique_id "aY6UAd7AMprY5zZbPt7NbQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:24:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:24:00.229712 2026] [security2:error] [pid 2188:tid 2188] [client 104.207.36.29:22943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malta-boat-registration.com"] [uri "/backup/.git/config"] [unique_id "aY6LQDI5oMRNrLe5HfTV4wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:28:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:28:32.497610 2026] [security2:error] [pid 13650:tid 13706] [client 104.207.36.29:14171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnumxl.com"] [uri "/backend/.env"] [unique_id "aY5-QE9_nSpw7G6GQSn3CQAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 20:01:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:01:11.151607 2026] [security2:error] [pid 2104:tid 2104] [client 104.207.36.29:27477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gerrytolentino.net"] [uri "/.git/config"] [unique_id "aY4xhz6OvgDYR69EjMHyFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:17:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:17:48.772334 2026] [security2:error] [pid 11804:tid 11804] [client 104.207.36.29:58405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daretownkindling.com"] [uri "/.env"] [unique_id "aY4LPNfmqDPFnk2LVvueVwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:54:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:54:28.985199 2026] [security2:error] [pid 473:tid 473] [client 104.207.36.29:26889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpking.com"] [uri "/.env"] [unique_id "aY4FxCRdPoSLdipEefEMkwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 144.172.112.170

🇰🇷 112.216.108.62

🇷🇺 95.165.27.83

🇺🇸 18.191.175.127

🇬🇧 2a06:4880:2000::45

🇺🇿 213.230.65.53

🇸🇪 213.204.245.174

🇺🇸 195.184.76.174

🇺🇸 195.184.76.166

🇺🇸 195.184.76.142

🇬🇧 195.96.139.79

🇮🇩 157.15.40.77

🇧🇷 108.179.252.145

🇮🇳 106.219.154.230

🇷🇺 94.247.62.11

🇮🇶 65.20.155.146

🇺🇸 64.62.197.198

🇸🇬 51.79.160.196

🇩🇪 46.249.99.124

🇳🇱 45.148.10.206