JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.30

104.207.36.30 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.30

Whois 104.207.36.30

IP Abuse Reports for 104.207.36.30:

This IP address has been reported a total of 132 times from 18 distinct sources. 104.207.36.30 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-21 07:16:49 (2 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-24 11:48:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 06:48:52.650251 2026] [security2:error] [pid 10652:tid 10652] [client 104.207.36.30:26803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mta-sts.okwellbeing.com"] [uri "/.git/config"] [unique_id "aZ2QJNS1cwOH9rDoOccZrAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 10:43:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 05:43:21.260833 2026] [security2:error] [pid 32091:tid 32091] [client 104.207.36.30:40411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "porcherllc.internet-brochures.com"] [uri "/.git/config"] [unique_id "aZ2AyZL3-TAGNQaCcsN6-wAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 03:27:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 22:26:56.286256 2026] [security2:error] [pid 2333:tid 2333] [client 104.207.36.30:33789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomorrowsdust.net.greighhouse.com"] [uri "/.git/config"] [unique_id "aZ0agKWRK5MVjjKDKO-FEgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-19 04:50:35 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.local (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.local] show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-02-18 03:40:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:40:18.071068 2026] [security2:error] [pid 195138:tid 195144] [client 104.207.36.30:52897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rmoeis.com"] [uri "/new/.git/config"] [unique_id "aZU0os4RuyaxYGIf0CT7fQAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-18 02:37:47 (3 months ago)	. Matched phrase "/.env" at REQUEST_URI. (210492-123)	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 02:33:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:32:55.890988 2026] [security2:error] [pid 20262:tid 20262] [client 104.207.36.30:61935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rentaroller.com.au"] [uri "/v2/.git/config"] [unique_id "aZUk10_KPxSQDbBf0c7KTgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-12 05:59:48 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 fbarela	2025-12-29 00:00:21 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-12-21 10:13:23 (5 months ago)	wordpress-trap	Web App Attack
🇦🇺 2000cn.com.au	2025-12-11 21:55:49 (5 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 charmicat	2025-12-06 17:45:12 (6 months ago)	AUTOMATED REPORT - suspicious request from 104.207.36.30: [Sat, 06 Dec 2025 17:45:12 +0000] GET /old ... show more AUTOMATED REPORT - suspicious request from 104.207.36.30: [Sat, 06 Dec 2025 17:45:12 +0000] GET /old/wp-admin/install.php HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0 show less	Web App Attack
🇮🇹 Rosh	2025-10-27 09:42:15 (7 months ago)	[10/27/25 10:42:14] SSH: authentication failure	Brute-Force SSH

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.159

🇺🇸 216.25.89.125

🇮🇩 202.51.214.99

🇮🇳 182.95.120.50

🇮🇳 122.185.146.166

🇸🇪 83.233.149.204

🇺🇸 67.52.95.38

🇧🇪 35.205.54.91

🇮🇪 3.252.253.136

🇪🇹 196.188.116.56

🇧🇷 189.89.9.21

🇧🇷 187.6.121.246

🇨🇳 183.21.85.145

🇺🇸 138.197.2.102

🇨🇳 120.48.82.124

🇺🇸 107.174.137.235

🇮🇳 103.248.120.6

🇷🇴 80.94.95.242

🇺🇸 66.228.62.150

🇺🇸 65.49.1.184