JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.4

104.207.36.4 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.4

Whois 104.207.36.4

IP Abuse Reports for 104.207.36.4:

This IP address has been reported a total of 95 times from 19 distinct sources. 104.207.36.4 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:38 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-06 08:42:50 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-30 23:08:10 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-27 19:51:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:51:21.869258 2025] [security2:error] [pid 20909:tid 20909] [client 104.207.36.4:25321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blublk.com"] [uri "/.svn/wc.db"] [unique_id "aSiruevVDjsS7ND07m4lkQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:46:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:46:16.316884 2025] [security2:error] [pid 11973:tid 11973] [client 104.207.36.4:21827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.adonamusic.com"] [uri "/.git/HEAD"] [unique_id "aSQpaJ2IMZctKkHU0nHZ0AAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:16:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:16:28.752873 2025] [security2:error] [pid 3762775:tid 3762775] [client 104.207.36.4:31769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.salsberggroup.com"] [uri "/.svn/wc.db"] [unique_id "aSQibEg4vMhZHAP-pLxLawAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:57:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:57:31.560878 2025] [security2:error] [pid 8168:tid 8168] [client 104.207.36.4:43453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.basselier.com"] [uri "/.env"] [unique_id "aSQB2wwCzlAPYH9-N_tV1AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:38.879016 2025] [security2:error] [pid 19908:tid 19908] [client 104.207.36.4:22097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.alexscollay.com"] [uri "/.svn/wc.db"] [unique_id "aSPf5hcTsr9cD6SUIcFqXAAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 06:58:13 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-13 20:48:37 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-11-08 08:10:53 (7 months ago)	wordpress-trap	Web App Attack
🇺🇸 fbarela	2025-11-08 02:01:32 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-10-11 06:59:56 (8 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 17:42:26 (8 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.145.28

🇨🇳 120.26.210.195

🇨🇳 118.196.56.74

🇵🇰 101.53.233.88

🇳🇱 81.19.216.111

🇩🇪 69.5.169.29

🇳🇱 45.148.10.244

🇳🇱 45.148.10.147

🇺🇸 2401:b140:1::92:202

🇨🇱 179.57.170.71

🇩🇪 130.12.182.143

🇸🇬 103.187.147.214

🇳🇱 93.123.72.183

🇺🇸 74.235.121.66

🇺🇸 45.92.229.137

🇺🇸 40.119.33.98

🇵🇰 39.36.118.248

🇺🇸 2600:3c03::2000:38ff:fe82:db2c

🇰🇷 211.62.96.42

🇨🇳 183.153.20.254