JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.26

104.207.35.26 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.26

Whois 104.207.35.26

IP Abuse Reports for 104.207.35.26:

This IP address has been reported a total of 134 times from 16 distinct sources. 104.207.35.26 was first reported on June 4th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:06:12 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 relianoid.com	2026-04-20 22:36:57 (1 month ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-02-21 05:56:56 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-11 17:09:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:09:09.421147 2026] [security2:error] [pid 13435:tid 13435] [client 104.207.35.26:14697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquascapes.net"] [uri "/wp/.git/config"] [unique_id "aYy3tbSDt3VYkFWBUqOowAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ReporTR	2026-02-10 09:39:30 (3 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:22:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:22:54.087725 2026] [security2:error] [pid 1881809:tid 1881809] [client 104.207.35.26:9281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icoinedthewordironesty.com"] [uri "/site/.git/config"] [unique_id "aYqynhdFGsBjpWW3EpEJRgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:54:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:54:12.394047 2026] [security2:error] [pid 23830:tid 23830] [client 104.207.35.26:64769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howardsooley.com"] [uri "/test/.git/config"] [unique_id "aYpllLswYkP9Cw97ooSqtQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-19 04:06:34 (4 months ago)	Forum/form spam	Web Spam
🇧🇪 taivas.nl	2026-01-18 02:02:11 (4 months ago)	Wordpress_xmlrpc_attack	Bad Web Bot
Anonymous	2025-12-03 17:15:43 (6 months ago)	botnet	DDoS Attack
🇵🇱 sefinek.net	2025-12-01 01:19:34 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 09:54:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:54:01.847290 2025] [security2:error] [pid 1399:tid 1399] [client 104.207.35.26:35355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lesdwiniarczyk.com"] [uri "/.git/HEAD"] [unique_id "aSQrOS_zHSISoBW4U6wY2QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:22:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:22:01.510621 2025] [security2:error] [pid 3664:tid 3664] [client 104.207.35.26:33251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.fingershrine.com"] [uri "/.git/HEAD"] [unique_id "aSQVqZhQt9qNSf0VnOTPswAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:42:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:42:50.010008 2025] [security2:error] [pid 9060:tid 9060] [client 104.207.35.26:56487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jspd.com"] [uri "/.env"] [unique_id "aSP-apQYoZJzkbx5RSWxkwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 120.28.166.179

🇺🇸 104.194.8.142

🇺🇸 72.167.50.103

🇮🇩 36.65.191.176

🇵🇱 146.59.16.105

🇺🇸 137.184.213.196

🇮🇳 117.236.124.188

🇮🇩 103.203.233.130

🇧🇩 103.153.130.35

🇸🇬 101.47.156.21

🇫🇷 94.176.161.172

🇱🇹 81.30.98.144

🇱🇹 81.30.98.62

🇫🇷 62.210.142.168

🇫🇷 51.159.110.167

🇺🇸 47.88.6.39

🇧🇷 45.189.94.135

🇳🇱 45.8.17.16

🇺🇸 44.174.236.222

🇮🇩 36.66.121.131