JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.90

104.207.36.90 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.90

Whois 104.207.36.90

IP Abuse Reports for 104.207.36.90:

This IP address has been reported a total of 137 times from 19 distinct sources. 104.207.36.90 was first reported on June 18th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-02 20:22:27 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.90 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.90 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-26 12:16:05 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.90 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.90 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-15 18:23:49 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
Anonymous	2026-03-02 02:21:59 (3 months ago)	Forum/form spam	Web Spam
Anonymous	2025-12-22 13:54:28 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:07:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:07:21.329355 2025] [security2:error] [pid 2181:tid 2181] [client 104.207.36.90:46105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.chezlubacov.xyz"] [uri "/.env"] [unique_id "aSUref_-b3oKQw5UmdorWQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:22:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:22:06.237146 2025] [security2:error] [pid 5233:tid 5233] [client 104.207.36.90:40855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.weatherbullies.com"] [uri "/.git/HEAD"] [unique_id "aSUg3jLBShFeGCP_GHXpUwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:10:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:10:22.198923 2025] [security2:error] [pid 25897:tid 25897] [client 104.207.36.90:40097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.christeningnapkins.com"] [uri "/.git/HEAD"] [unique_id "aSUB_jylr4skCUOspH5C-AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:33:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:33:24.569978 2025] [security2:error] [pid 14480:tid 14480] [client 104.207.36.90:11985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.haco.us"] [uri "/.svn/wc.db"] [unique_id "aSP8NA3YlV9DN7ro2GqzEwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 00:58:16 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇵🇱 sefinek.net	2025-11-09 05:31:28 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇦 wil.com	2025-10-29 04:23:36 (7 months ago)	GlobalProtect login attempts with user oliviam.	VPN IP Brute-Force
🇦🇹 neo72	2025-10-19 05:17:05 (7 months ago)	Wordpress Attack	Web App Attack
Anonymous	2025-10-17 12:55:10 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.101.139.194

🇺🇸 162.216.149.253

🇫🇷 62.210.38.102

🇺🇸 3.21.167.223

🇺🇸 2607:f8b0:4001:c12::125

🇮🇳 182.95.178.158

🇨🇦 99.252.2.109

🇬🇧 35.203.211.178

🇬🇧 31.14.254.52

🇺🇸 18.226.85.116

🇵🇰 203.128.24.199

🇧🇷 187.33.59.116

🇰🇷 161.118.139.216

🇨🇳 120.48.148.35

🇨🇳 114.248.8.47

🇨🇳 111.61.87.152

🇮🇳 103.89.136.111

🇺🇸 159.250.150.250

🇨🇳 111.228.36.44

🇺🇸 66.132.186.247