JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.49

104.207.36.49 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.49

Whois 104.207.36.49

IP Abuse Reports for 104.207.36.49:

This IP address has been reported a total of 153 times from 19 distinct sources. 104.207.36.49 was first reported on June 3rd 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-09 20:07:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:06:54.158815 2026] [security2:error] [pid 9989:tid 9989] [client 104.207.36.49:13179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galaxyretro.com"] [uri "/v2/.git/config"] [unique_id "aYo-XsNxjh5yoXNE2TjqqAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FutureFm	2026-02-09 19:54:00 (3 months ago)	104.207.36.49 - - [09/Feb/2026:19:27:09 +0100] "GET /.aws/credentials	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-02-09 09:02:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:02:12.113723 2026] [security2:error] [pid 1514:tid 1514] [client 104.207.36.49:40327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "g-drome.com"] [uri "/dev/.git/config"] [unique_id "aYmilD3X9-O9lY9s2PdOsgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:46:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:46:02.216072 2026] [security2:error] [pid 20095:tid 20095] [client 104.207.36.49:32325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuzzyecho.com"] [uri "/backend/.env"] [unique_id "aYmQuia89Rxuoe5AeAiq_gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 applemooz	2026-01-03 12:57:48 (5 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇦🇺 MAGIC	2025-12-22 01:00:51 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 COMPLEX	2025-12-15 05:41:10 (5 months ago)	Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protoc ... show more Triggered Cloudflare WAF (l7ddos) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: / show less	DDoS Attack Bad Web Bot
🇳🇱 homeshowdomain.nl	2025-11-25 23:02:25 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:28:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:28:45.053024 2025] [security2:error] [pid 23279:tid 23279] [client 104.207.36.49:30831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "md20lf.org.ithacalions.com"] [uri "/.git/HEAD"] [unique_id "aSVMnYxXoeu6eYSZwadTJgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:15:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:15:04.791458 2025] [security2:error] [pid 5243:tid 5243] [client 104.207.36.49:40023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thehappywillow.com"] [uri "/.env"] [unique_id "aSUtSKdfYyz60BsFjPxR_gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:47:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:47:18.360462 2025] [security2:error] [pid 14666:tid 14666] [client 104.207.36.49:48357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.styxwamworld.com"] [uri "/.env"] [unique_id "aSUmxgXhVl0xO0AQfopOqwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:43.908143 2025] [security2:error] [pid 1647141:tid 1647213] [client 104.207.36.49:10475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.davidtung.com"] [uri "/.svn/wc.db"] [unique_id "aSUZC9ffCdpZ5cNrCNd39wAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:11:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:11:12.439941 2025] [security2:error] [pid 30596:tid 30596] [client 104.207.36.49:59463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.anthonyanimalclinic.net"] [uri "/.git/HEAD"] [unique_id "aSUQQC5XSGmHMfT6D5xLuwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:23:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:22:52.537855 2025] [security2:error] [pid 3756:tid 3756] [client 104.207.36.49:30943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wendeenicole.com"] [uri "/.env"] [unique_id "aSUE7AyeehS1kdNGCLbV6AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:56:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:56:10.766455 2025] [security2:error] [pid 26166:tid 26166] [client 104.207.36.49:38503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.goodfrequencies.com"] [uri "/.env"] [unique_id "aST-qs0QiKXDL6ZVd5CwDgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇲🇽 186.96.145.241

🇨🇳 106.13.182.13

🇳🇱 35.204.47.210

🇬🇧 35.203.210.142

🇳🇱 192.42.116.48

🇮🇳 103.25.47.94

🇯🇵 124.156.225.181

🇷🇴 92.118.39.236

🇳🇱 81.19.216.98

🇺🇸 20.168.120.249

🇩🇪 8.211.43.157

🇺🇸 2602:80d:1008::27

🇵🇸 178.214.77.67

🇺🇸 129.153.145.135

🇮🇳 128.185.201.142

🇫🇷 51.83.10.158

🇺🇸 34.230.124.21

🇺🇸 3.142.232.179

🇪🇸 217.154.180.67