JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.236

104.207.35.236 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.236

Whois 104.207.35.236

IP Abuse Reports for 104.207.35.236:

This IP address has been reported a total of 148 times from 24 distinct sources. 104.207.35.236 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 10:11:01 (2 weeks ago)	[da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide ... show more [da.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=25 \| /wp-login.php show less	Hacking Web App Attack
🇦🇺 MAGIC	2026-06-02 01:23:02 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 LSPCCU	2026-05-28 16:57:17 (3 weeks ago)	TSEC Honeypot Network report. Threat score: 74/100. Categories: DDoS Attack, Hacking, Brute-Force, W ... show more TSEC Honeypot Network report. Threat score: 74/100. Categories: DDoS Attack, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: 104. show less	DDoS Attack Hacking Brute-Force Web App Attack SSH
Anonymous	2026-05-28 13:17:56 (3 weeks ago)	[ns31.kdns.gr] httpd-login-spray-site: sites=ceramics-menegis.gr; logs=/var/log/httpd/domains/cerami ... show more [ns31.kdns.gr] httpd-login-spray-site: sites=ceramics-menegis.gr; logs=/var/log/httpd/domains/ceramics-menegis.gr.log; samples=site_wide=true \| distinct_ips=13 \| /wp-login.php show less	Hacking Web App Attack
🇮🇹 Progetto1	2026-05-27 07:50:02 (3 weeks ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇲🇽 octageeks.com	2026-05-24 04:09:52 (3 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇹 Malta	2026-05-23 15:29:30 (3 weeks ago)	104.207.35.236 - - [23/May/2026:17:29:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.35.236 - - [23/May/2026:17:29:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇺🇸 lostswordfish.com	2026-05-23 10:42:04 (3 weeks ago)	Wordfence waf block on jestrellafoundation	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-02-15 16:31:17 (4 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-02-15 11:45:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:45:46.961534 2026] [security2:error] [pid 25331:tid 25331] [client 104.207.35.236:17917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thoughtage.org"] [uri "/new/.git/config"] [unique_id "aZGx6jB_ICMVFCDflo9YqAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:19:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:19:21.016182 2026] [security2:error] [pid 7412:tid 7412] [client 104.207.35.236:37573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "superiorhandyman.net"] [uri "/.git/config"] [unique_id "aZFXWY5Tx0DQPP3D5aEbWQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:25:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:25:27.960382 2026] [security2:error] [pid 13606:tid 13606] [client 104.207.35.236:54317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stringview.com"] [uri "/api/.git/config"] [unique_id "aZFKt3hzeqmQbaLGlhJjUQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 04:05:36 (4 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:40:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:40:25.426963 2026] [security2:error] [pid 24983:tid 24983] [client 104.207.35.236:56919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stellwagenmusic.com"] [uri "/backend/.env"] [unique_id "aZFAKf2l65i5HMH26RYo7AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:332::132

🇺🇸 143.137.166.231

🇵🇰 103.172.26.29

🇺🇸 91.230.168.92

🇷🇴 80.94.95.245

🇺🇸 57.141.20.17

🇺🇸 47.251.253.42

🇭🇺 45.9.168.243

🇬🇧 2a06:4880:6000::7f

🇳🇱 185.223.235.28

🇺🇸 172.111.186.18

🇺🇸 162.216.150.63

🇫🇮 147.185.133.90

🇺🇸 141.11.88.3

🇺🇸 91.230.168.148

🇺🇸 73.5.5.45

🇺🇸 69.164.213.157

🇺🇸 65.49.1.154

🇰🇷 59.24.133.197

🇺🇸 17.246.23.170