JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.134

104.207.35.134 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.134

Whois 104.207.35.134

IP Abuse Reports for 104.207.35.134:

This IP address has been reported a total of 150 times from 21 distinct sources. 104.207.35.134 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-25 12:03:53 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
🇬🇧 PeravixGroup	2026-05-11 10:20:17 (3 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-07 06:23:17 (4 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇮🇹 Rosh	2026-03-23 20:08:50 (2 months ago)	[03/23/26 21:08:50] Restricted access detected by web app	Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 08:23:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:23:40.912070 2026] [security2:error] [pid 5953:tid 6037] [client 104.207.35.134:49863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/bb/8c4fe0b5e9208c9c32ad4468b2831165a1710c"] [unique_id "aak9jO9_LUubsM0EwzyRlQAAAc0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 17:14:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 12:14:19.623200 2025] [security2:error] [pid 6995:tid 6995] [client 104.207.35.134:13957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.andiamocomputers.com"] [uri "/.env"] [unique_id "aSiG6yEnXqnPG1qCdMJLQwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:14:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:13:59.897868 2025] [security2:error] [pid 14226:tid 14332] [client 104.207.35.134:47969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hauntingofkeystone.omegaoak.com"] [uri "/.svn/wc.db"] [unique_id "aSVXN5F6HRvJfyrmJlm-owAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:10:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:10:48.782835 2025] [security2:error] [pid 22511:tid 22511] [client 104.207.35.134:19563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.poohippie.com"] [uri "/.svn/wc.db"] [unique_id "aSVIaO4kUGs1SqnAtOzhzgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:52:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:52:11.476842 2025] [security2:error] [pid 875308:tid 875308] [client 104.207.35.134:58823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.newcitypark.com"] [uri "/.env"] [unique_id "aSVECxui2ipeF5j1XNbqWQAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:51:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:51:36.718999 2025] [security2:error] [pid 27771:tid 27771] [client 104.207.35.134:22139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.isyourcompanysafe.com"] [uri "/.svn/wc.db"] [unique_id "aSU12OB57lxuJUS8z_idcQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:53:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:53:29.898974 2025] [security2:error] [pid 10657:tid 10657] [client 104.207.35.134:18557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.mvscouts.org"] [uri "/.git/HEAD"] [unique_id "aSUoOQsvbC9fV-7Pv77cpgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:30:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:30:42.604376 2025] [security2:error] [pid 15099:tid 15099] [client 104.207.35.134:14549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.macroprintbooks.com"] [uri "/.git/HEAD"] [unique_id "aSUi4oNvtvs5mJKqc_pGqQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:30:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:30:49.112351 2025] [security2:error] [pid 18989:tid 18989] [client 104.207.35.134:42355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.haco.us"] [uri "/.git/HEAD"] [unique_id "aSUU2fgWuZFCXRoQpxU_SgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:59:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:59:42.686079 2025] [security2:error] [pid 14267:tid 14267] [client 104.207.35.134:38923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.parkhan.com"] [uri "/.env"] [unique_id "aSUNjtq5aUTJFvT6CUBQEwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:42:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:42:50.872338 2025] [security2:error] [pid 1647140:tid 1647178] [client 104.207.35.134:22995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gsji.org"] [uri "/.env"] [unique_id "aSUJmsWdNO_bFaD03ZYP3wAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 90.205.98.163

🇮🇩 2a02:4780:6:1965:0:22e1:d74b:1

🇫🇷 185.202.223.106

🇭🇰 165.154.40.205

🇺🇸 138.68.4.170

🇸🇦 51.36.232.130

🇸🇬 47.245.97.82

🇳🇱 45.195.200.26

🇳🇱 160.119.78.95

🇸🇬 114.119.155.118

🇬🇧 101.36.97.80

🇺🇸 74.125.80.149

🇬🇧 35.203.211.121

🇻🇪 200.8.185.22

🇰🇷 175.208.192.186

🇳🇱 45.148.10.141

🇺🇸 43.130.106.18

🇨🇳 36.35.126.165

🇬🇧 35.203.210.110

🇨🇳 27.19.51.125