JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.96

104.207.36.96 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.96

Whois 104.207.36.96

IP Abuse Reports for 104.207.36.96:

This IP address has been reported a total of 155 times from 23 distinct sources. 104.207.36.96 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-31 12:14:07 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇫🇷 masterguru	2026-03-30 07:43:29 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.96 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.96 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2026-03-27 23:35:30 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇫🇷 masterguru	2026-03-26 15:29:04 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.96 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.96 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇺🇸 TPI-Abuse	2026-02-13 13:08:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:08:20.530273 2026] [security2:error] [pid 30357:tid 30357] [client 104.207.36.96:36437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikeberro.com"] [uri "/backend/.env"] [unique_id "aY8iRAuyIk2ekzDfJlJZqQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:07:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:07:44.302104 2026] [security2:error] [pid 23185:tid 23212] [client 104.207.36.96:61797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metrobaselexpoforum.org"] [uri "/.env.production"] [unique_id "aY7p4EKMgqDnCKBKPq-YtgAAANg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:23:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:23:27.962047 2026] [security2:error] [pid 32463:tid 32463] [client 104.207.36.96:22311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malta-boat-registration.com"] [uri "/backend/.env"] [unique_id "aY6LH3MxZ1suBsi75gFVUQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2026-02-13 01:10:12 (3 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 mnsf	2026-02-13 01:05:29 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:08:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:08:14.909557 2026] [security2:error] [pid 3801069:tid 3801069] [client 104.207.36.96:41333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cvoguemag.com"] [uri "/.env"] [unique_id "aY4I_lcJsW5drY9ECCD2sgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:54:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:54:53.575435 2026] [security2:error] [pid 21603:tid 21603] [client 104.207.36.96:60517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "destructionstudios.com"] [uri "/.git/config"] [unique_id "aY33zbWm4ntB-MtYtCyzFAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:44:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:44:31.532077 2026] [security2:error] [pid 1161440:tid 1161440] [client 104.207.36.96:34705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsndetx.com"] [uri "/admin/.env"] [unique_id "aY0-j52J8PbYxMwbeVS2MAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 12:52:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 07:52:37.772076 2026] [security2:error] [pid 13987:tid 13987] [client 104.207.36.96:19375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamedayincentives.com"] [uri "/.env.save"] [unique_id "aYx7lUeU2EdSjkMEw8l1mgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 02:16:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 21:16:35.459798 2026] [security2:error] [pid 20710:tid 20710] [client 104.207.36.96:34807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "futurbike.it"] [uri "/.git/config"] [unique_id "aYvmgxJmQbcaxi0f5eZ8hgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 22:50:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:50:04.569969 2026] [security2:error] [pid 7575:tid 7690] [client 104.207.36.96:41861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "funerariafernandez.net"] [uri "/.git/config"] [unique_id "aYu2HCPv6jKGUCAKDcbQZAAAAQk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.220.37.203

🇮🇳 182.95.47.2

🇩🇪 162.249.127.50

🇺🇸 98.191.77.249

🇳🇱 86.54.31.34

🇮🇳 59.145.160.134

🇫🇮 217.179.49.103

🇵🇰 203.128.10.138

🇳🇱 193.176.31.214

🇧🇿 190.197.31.229

🇮🇳 182.95.228.22

🇷🇺 176.109.97.11

🇨🇴 170.239.205.133

🇩🇪 167.94.145.28

🇩🇪 144.31.117.175

🇨🇳 125.88.160.13

🇨🇳 119.6.55.57

🇨🇳 117.69.255.239

🇹🇼 111.70.23.230

🇺🇸 91.230.168.144