JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.36.135

104.207.36.135 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 26%: ?

26%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.36.135

Whois 104.207.36.135

IP Abuse Reports for 104.207.36.135:

This IP address has been reported a total of 133 times from 16 distinct sources. 104.207.36.135 was first reported on June 7th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 webgobe	2026-06-11 04:28:54 (2 days ago)	wew-(rsform) : try to access forms...	Hacking
🇩🇪 LRob.fr	2026-06-06 10:45:09 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇮🇹 [email protected]	2026-05-16 15:13:07 (4 weeks ago)	[Sat May 16 17:13:01.554398 2026] [authz_core:error] [pid 715982:tid 716019] [remote 104.207.36.135: ... show more [Sat May 16 17:13:01.554398 2026] [authz_core:error] [pid 715982:tid 716019] [remote 104.207.36.135:10865] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php show less	Brute-Force Web App Attack
🇫🇷 solution.it	2026-05-16 00:03:52 (4 weeks ago)	[Sat May 16 02:03:51.744166 2026] [php7:error] [pid 3875192:tid 3875192] [client 104.207.36.135:5988 ... show more [Sat May 16 02:03:51.744166 2026] [php7:error] [pid 3875192:tid 3875192] [client 104.207.36.135:59883] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇬🇧 PeravixGroup	2026-05-11 05:10:19 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-08 06:41:42 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 masterguru	2026-03-29 14:37:26 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.135 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.36.135 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2026-03-28 19:42:28 (2 months ago)	Forum/form spam	Web Spam
🇩🇪 big-cloud.nl	2026-02-10 22:29:11 (4 months ago)	Try to access /v2/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:53:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:53:29.636235 2026] [security2:error] [pid 1856048:tid 1856048] [client 104.207.36.135:13007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittysalterations.com"] [uri "/.env.save"] [unique_id "aYqrueyO6ngCf4NUgooMAAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:35:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:35:01.292652 2026] [security2:error] [pid 28669:tid 28669] [client 104.207.36.135:62277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hughhart.com"] [uri "/config/.env"] [unique_id "aYp9NVNsOQnZOd8i8ffkDgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:04:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:04:23.682000 2026] [security2:error] [pid 2124703:tid 2124703] [client 104.207.36.135:59155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kentsavagelaw.com"] [uri "/.env.staging"] [unique_id "aYp2B49MmcVID2PJa0DyLQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:27:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:27:30.079318 2026] [security2:error] [pid 23732:tid 23732] [client 104.207.36.135:26255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithgill.com"] [uri "/api/.env"] [unique_id "aYptYpGkETkulaIaOOVZUQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:17:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.36.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:17:54.809383 2026] [security2:error] [pid 2499302:tid 2499302] [client 104.207.36.135:63121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotpay.co"] [uri "/admin/.env"] [unique_id "aYpdEubyabW4iik8sUXLmgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 22:05:34 (4 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.49.220

🇳🇱 185.242.226.19

🇨🇳 182.43.235.75

🇻🇳 171.231.194.224

🇻🇳 171.231.193.186

🇩🇪 167.94.146.65

🇮🇳 103.77.238.203

🇨🇦 85.217.149.12

🇹🇼 1.34.161.179

🇨🇳 223.91.89.152

🇺🇦 185.200.62.168

🇳🇱 176.65.148.147

🇦🇺 170.64.154.131

🇺🇸 142.215.167.167

🇨🇳 42.178.166.244

🇺🇸 216.39.249.244

🇵🇦 201.225.8.45

🇧🇷 191.252.156.214

🇺🇸 170.106.74.215

🇯🇵 108.165.201.128