JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.240

104.207.35.240 was found in our database!

This IP was reported 146 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.240

Whois 104.207.35.240

IP Abuse Reports for 104.207.35.240:

This IP address has been reported a total of 146 times from 22 distinct sources. 104.207.35.240 was first reported on June 4th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-05-06 06:49:42 (4 weeks ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-05-03 19:38:26 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-38.104.207.35.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-38.104.207.35.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-04-29 20:49:59 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-49.104.207.35.240.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-49.104.207.35.240.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇬🇧 relianoid.com	2026-03-11 12:01:49 (2 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 xmission.com	2026-02-26 13:24:59 (3 months ago)	Blocked by UFW (TCP on 80) Source port: 53261 TTL: 53 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 53261 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 104.207.35.240) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 kommunos	2026-02-10 06:22:07 (3 months ago)	/config/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:49:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:49:49.085703 2026] [security2:error] [pid 1509815:tid 1509815] [client 104.207.35.240:13655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kithouse.org"] [uri "/backend/.env"] [unique_id "aYqq3bXkJpsRUpvNc-dDjQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:09:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:09:40.068226 2026] [security2:error] [pid 2441:tid 2441] [client 104.207.35.240:27771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinhung.com"] [uri "/.env.local"] [unique_id "aYqhdKvKy5lvlfLh2vgpXgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:01:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:01:53.665919 2026] [security2:error] [pid 16153:tid 16153] [client 104.207.35.240:33995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdarmsta.com"] [uri "/backup/.git/config"] [unique_id "aYpnYY3Upslk9M8o5-eqhAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:18:16 (3 months ago)	Blocking for trying to access an exploit file: /backup/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 22:03:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:03:00.873925 2026] [security2:error] [pid 314193:tid 314193] [client 104.207.35.240:27633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathiekate.com"] [uri "/config/.env"] [unique_id "aYpZlMBzDMJhq7Ih5l1hfAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-02-02 03:50:21 (4 months ago)	Brute force	Brute-Force
🇦🇺 MAGIC	2026-01-11 02:12:31 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 inspectorgdgt	2025-12-24 22:00:00 (5 months ago)	VPN brute-force login attempts observed (bulk report).	Brute-Force

Showing 1 to 15 of 146 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2404:6800:4003:c26::12a

🇱🇻 185.113.139.51

🇸🇬 165.154.236.104

🇨🇳 120.48.124.164

🇨🇦 69.49.112.73

🇮🇹 37.103.222.132

🇺🇸 23.180.120.140

🇮🇹 2.44.120.242

🇳🇱 192.142.24.39

🇧🇷 186.238.242.194

🇳🇪 129.222.105.106

🇻🇳 113.172.124.25

🇨🇳 223.245.217.156

🇮🇳 128.185.225.78

🇳🇱 85.121.127.137

🇲🇹 77.25.143.76

🇺🇸 72.18.83.212

🇻🇳 14.225.173.146

🇮🇹 5.89.75.194

🇺🇸 54.162.69.192