JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.208

104.207.35.208 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.208

Whois 104.207.35.208

IP Abuse Reports for 104.207.35.208:

This IP address has been reported a total of 144 times from 14 distinct sources. 104.207.35.208 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-04-21 03:32:35 (1 month ago)	[TueApr2105:32:30.3964562026][security2:error][pid2446757:tid2446779][client104.207.35.208:0]ModSecu ... show more [TueApr2105:32:30.3964562026][security2:error][pid2446757:tid2446779][client104.207.35.208:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"bicycleambulance.ch\"][uri\"/dump.sql\"][unique_id\"aebvziM_zKWpNOzXIlsA3gAAAFM\"] show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-04-15 11:45:39 (1 month ago)	Banned by SPAMHAUS ASN-DROP list (ASN: 200373)	DDoS Attack Hacking Bad Web Bot Web App Attack
🇪🇸 librebit	2026-04-09 14:49:05 (1 month ago)	Brute force	Brute-Force
Anonymous	2026-04-05 22:15:30 (2 months ago)	Banned by SPAMHAUS ASN-DROP list (ASN: 200373)	DDoS Attack Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 16:16:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:16:26.986401 2026] [security2:error] [pid 21483:tid 21483] [client 104.207.35.208:40383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antoniocobo.com"] [uri "/new/.git/config"] [unique_id "aYtZ2jTNaOtCbnxRQUN5PAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ParaBug	2026-02-10 15:32:12 (3 months ago)	104.207.35.208 - - [10/Feb/2026:16:32:12 +0100] "GET /.env.production HTTP/1.1" 301 555 "-" "Mozilla ... show more 104.207.35.208 - - [10/Feb/2026:16:32:12 +0100] "GET /.env.production HTTP/1.1" 301 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Phishing Brute-Force Web App Attack
🇳🇱 i-turnradio.nl	2026-02-10 03:03:49 (3 months ago)	2026-02-10 04:03:49 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:58:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:58:16.033232 2026] [security2:error] [pid 29829:tid 29829] [client 104.207.35.208:26823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingmanrents.com"] [uri "/frontend/.env"] [unique_id "aYqeyKuf5ZM-DJnLU8-8fQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:32:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:32:31.657804 2026] [security2:error] [pid 8047:tid 8047] [client 104.207.35.208:19505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinareemagazine.com"] [uri "/test/.git/config"] [unique_id "aYqYvyc7s3PTmYEuS2Wx9wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:10:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:10:04.114834 2026] [security2:error] [pid 10600:tid 10600] [client 104.207.35.208:55025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hydrogenplus.net"] [uri "/api/.git/config"] [unique_id "aYqTfOLuzJeZQ4DmhEIZqAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:26:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:26:13.271137 2026] [security2:error] [pid 32279:tid 32279] [client 104.207.35.208:26763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hudready.com"] [uri "/backup/.git/config"] [unique_id "aYp7JbC24QDfHfRlqK3TZwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:54:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:54:23.592903 2026] [security2:error] [pid 16012:tid 16012] [client 104.207.35.208:22473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenmalone.com"] [uri "/.env"] [unique_id "aYpzr7aLEhqr_OOvy_H59gAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:11:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:10:42.273905 2026] [security2:error] [pid 841:tid 841] [client 104.207.35.208:35731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hppagewideflorida.com"] [uri "/.env.save"] [unique_id "aYppctD7Z3tGQQ-WBOGxIAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:14:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:14:42.747745 2026] [security2:error] [pid 17733:tid 17733] [client 104.207.35.208:22705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotglassgallery.com"] [uri "/api/.git/config"] [unique_id "aYpcUs393K218xOcNn9DZQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC Blue Team	2026-01-16 17:48:24 (4 months ago)	Tatic: TA0006 \| Technique: T1110 \| Source: TAP \| Country Destination: BR	Brute-Force

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 35.203.210.229

🇻🇳 160.187.147.124

🇮🇪 54.195.191.219

🇫🇷 31.220.75.209

🇳🇱 176.65.139.66

🇨🇦 162.219.178.250

🇺🇸 162.216.150.24

🇫🇷 92.103.134.183

🇷🇺 80.78.245.233

🇷🇺 46.191.185.151

🇵🇰 205.164.134.176

🇺🇸 172.236.117.243

🇰🇷 121.66.37.108

🇮🇳 115.247.159.106

🇲🇲 37.111.53.110

🇺🇸 2a02:4780:b:1919:0:17c9:c011:1

🇨🇳 124.117.195.118

🇨🇳 117.40.113.224

🇨🇦 69.49.112.72

🇨🇳 60.172.168.136