JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.125

104.207.35.125 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.125

Whois 104.207.35.125

IP Abuse Reports for 104.207.35.125:

This IP address has been reported a total of 138 times from 18 distinct sources. 104.207.35.125 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 04:21:25 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-05-12 20:39:12 (1 month ago)	Multiple failed login attemps RDS-Web-Access-Server	Brute-Force Web App Attack
🇱🇻 garmtech.com	2025-12-04 16:16:38 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-16.104.207.35.125.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 18-16.104.207.35.125.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:53 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-26 11:05:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:05:10.589527 2025] [security2:error] [pid 9541:tid 9576] [client 104.207.35.125:55767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.goodfridaygolf.com"] [uri "/.svn/wc.db"] [unique_id "aSbe5mMy3HNq1n2SMluCwAAAAQM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:36:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:36:27.323119 2025] [security2:error] [pid 30107:tid 30107] [client 104.207.35.125:42349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.tradesecretintrust.com"] [uri "/.env"] [unique_id "aSaf62K23WbYPlo9lwDuwwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:47:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:47:35.693813 2025] [security2:error] [pid 18412:tid 18412] [client 104.207.35.125:10477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.graduationinvitationsonline.com"] [uri "/.svn/wc.db"] [unique_id "aSVRBwXVyfPG1IO-PSSZ3AAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:12:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:12:41.378721 2025] [security2:error] [pid 1817000:tid 1817024] [client 104.207.35.125:10215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.digitaltalkingbible.com"] [uri "/.svn/wc.db"] [unique_id "aSUsuZiXM9qjzOaPIgQilQAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:54:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:54:44.270698 2025] [security2:error] [pid 27438:tid 27572] [client 104.207.35.125:32937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.beckhofmann.com"] [uri "/.svn/wc.db"] [unique_id "aSQdVG60hxJlTAkLJ2BBsgAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:55:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:54:55.601926 2025] [security2:error] [pid 30409:tid 30409] [client 104.207.35.125:54551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rallyegroup.com"] [uri "/.git/HEAD"] [unique_id "aSPzL665BuaT1GSuh57PiAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2025-10-18 20:09:26 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-10-18 00:42:13 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-10-18 00:09:24 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2025-10-17 22:25:30 (7 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-10-17 20:09:24 (7 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.32.162.16

🇷🇴 80.94.92.171

🇷🇴 2.57.122.177

🇺🇸 162.216.149.126

🇺🇸 150.107.38.202

🇨🇳 146.56.229.214

🇮🇷 109.122.246.165

🇺🇸 72.90.84.62

🇺🇸 64.62.156.212

🇩🇪 3.125.168.113

🇭🇰 199.45.155.91

🇲🇽 189.194.140.170

🇮🇪 185.192.16.98

🇵🇱 151.115.48.199

🇧🇬 79.124.62.230

🇺🇸 71.105.140.242

🇩🇪 69.5.169.234

🇬🇧 35.203.210.143

🇹🇷 31.145.131.202

🇧🇷 205.210.31.226