JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.62

104.207.36.62 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.62

Whois 104.207.36.62

IP Abuse Reports for 104.207.36.62:

This IP address has been reported a total of 158 times from 20 distinct sources. 104.207.36.62 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-27 13:32:47 (2 weeks ago)	8.671 requests with url.path //xmlrpc.php 8.249 requests with url.path /xmlrpc.php 2.095 POST req ... show more 8.671 requests with url.path //xmlrpc.php 8.249 requests with url.path /xmlrpc.php 2.095 POST requests with url.path */wp-login.php show less	Brute-Force Bad Web Bot
🇱🇻 garmtech.com	2026-05-23 10:23:24 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-23.104.207.36.62.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 13-23.104.207.36.62.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-05-22 23:19:02 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-19.104.207.36.62.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-19.104.207.36.62.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇳🇱 jjnxpct	2026-02-19 04:49:56 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/config (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/config] show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-02-19 04:45:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:45:11.534795 2026] [security2:error] [pid 23814:tid 23814] [client 104.207.36.62:20541] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kofcasamblea442.org"] [uri "/.env.production"] [unique_id "aZaVV4te8Td6YE0LoftvOAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:37:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:37:09.983356 2026] [security2:error] [pid 24623:tid 24623] [client 104.207.36.62:41095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/.git/config"] [unique_id "aZaFZfebV4Tl3lfvAkw_SQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:58:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:58:27.838980 2026] [security2:error] [pid 17129:tid 17129] [client 104.207.36.62:63649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-parker.com"] [uri "/app/.git/config"] [unique_id "aZZ8U39rZMPrqDuEc5MpdgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:35:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:35:09.722271 2026] [security2:error] [pid 29037:tid 29056] [client 104.207.36.62:30831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kd9uri.com"] [uri "/wp/.git/config"] [unique_id "aZZ23SNDMqHhiXp-2au3uQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:12:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:12:09.518798 2026] [security2:error] [pid 16458:tid 16458] [client 104.207.36.62:54039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathyquan.com"] [uri "/.env.production"] [unique_id "aZZxeYBxhPOKjEBgs7hI_wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:31:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:31:33.588626 2026] [security2:error] [pid 2096:tid 2096] [client 104.207.36.62:56093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderinghermit.com"] [uri "/.env.production"] [unique_id "aZYFhf6GitHS96TMirjfsAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-02-18 17:04:34 (3 months ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇺🇸 mnsf	2026-02-18 14:06:04 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 13:24:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:23:53.548135 2026] [security2:error] [pid 3573:tid 3573] [client 104.207.36.62:11893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "windisfun.com"] [uri "/config/.env"] [unique_id "aZW9aVzQkqxUTABH4ewCrgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-02-18 13:15:05 (3 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:43:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:43:01.473706 2026] [security2:error] [pid 29134:tid 29134] [client 104.207.36.62:63909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weissdavis.com"] [uri "/admin/.env"] [unique_id "aZWz1Uq7t-K-ZKb64fbMWgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 201.165.64.49

🇺🇸 162.216.150.196

🇳🇱 91.92.40.24

🇳🇱 91.92.40.8

🇸🇬 47.82.13.159

🇳🇱 93.123.109.166

🇺🇸 67.209.80.182

🇸🇬 47.79.15.90

🇷🇺 5.167.66.41

🇨🇳 1.92.197.197

🇺🇸 2620:171:e0:f0::243

🇺🇸 162.216.150.253

🇺🇸 136.109.44.240

🇳🇵 113.199.225.48

🇳🇬 102.91.72.181

🇫🇮 80.223.200.184

🇺🇸 74.215.237.81

🇧🇷 45.238.136.181

🇳🇬 41.242.115.84

🇺🇸 24.14.236.153