JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.57

104.207.36.57 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.57

Whois 104.207.36.57

IP Abuse Reports for 104.207.36.57:

This IP address has been reported a total of 136 times from 19 distinct sources. 104.207.36.57 was first reported on June 11th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-16 06:35:06 (3 days ago)	Brute force	Brute-Force
🇫🇷 mrcrassi	2026-06-05 07:45:21 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.104 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 Gem	2026-02-13 23:19:51 (4 months ago)	Unauthorized web scan.	Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 22:59:11 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 19:35:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 14:35:13.469948 2026] [security2:error] [pid 2513:tid 2513] [client 104.207.36.57:34969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aperturecontrols.com"] [uri "/.env.local"] [unique_id "aYuIcbVMwUL3hxXGjsiujwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 16:10:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:10:21.314019 2026] [security2:error] [pid 21045:tid 21064] [client 104.207.36.57:55369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "12am.us"] [uri "/.env.local"] [unique_id "aYtYbUbhlAcrdkcO_sPbpgAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:28:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:28:48.602395 2026] [security2:error] [pid 20754:tid 20754] [client 104.207.36.57:63525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ianmagarzo.com"] [uri "/new/.git/config"] [unique_id "aYql8I7sckN_f7yPK_egvAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:58:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:58:14.851941 2026] [security2:error] [pid 24059:tid 24059] [client 104.207.36.57:43983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingmanrents.com"] [uri "/.env.save"] [unique_id "aYqexv2HYgf_YKBB4m-bnQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:14:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:14:13.238960 2026] [security2:error] [pid 990:tid 990] [client 104.207.36.57:20863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kildarafarms.com"] [uri "/frontend/.env"] [unique_id "aYqUdQ7KnZbGg4_ZSBrklgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-15 08:41:35 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-13 12:35:46 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:36.992985 2026] [security2:error] [pid 7843:tid 7843] [client 104.207.36.57:46721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deweysearch.com"] [uri "/.env"] [unique_id "aWY8GI0fkokj1mtRdhN4DAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-08 04:35:02 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇵🇱 sefinek.net	2025-11-21 23:15:10 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-11-17 01:59:08 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.176

🇮🇹 188.241.66.125

🇵🇱 194.165.16.161

🇨🇳 180.76.177.88

🇺🇸 161.35.183.84

🇭🇰 154.221.20.92

🇺🇸 147.253.212.158

🇫🇮 147.185.133.51

🇭🇰 103.226.124.223

🇷🇴 80.94.92.186

🇺🇸 50.235.31.47

🇳🇱 45.148.10.151

🇬🇧 37.10.113.218

🇧🇬 5.188.206.34

🇷🇼 196.216.81.126

🇸🇬 165.154.29.93

🇯🇵 160.251.202.50

🇦🇹 152.53.0.56

🇭🇰 116.48.143.166

🇮🇩 110.232.72.66