JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.28

104.207.35.28 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.28

Whois 104.207.35.28

IP Abuse Reports for 104.207.35.28:

This IP address has been reported a total of 144 times from 20 distinct sources. 104.207.35.28 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 i-turnradio.nl	2026-02-24 05:11:53 (3 months ago)	2026-02-24 06:11:53 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇳🇱 jjnxpct	2026-02-16 04:54:58 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /api/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /api/.env] show less	Hacking Web App Attack
🇺🇸 mnsf	2026-02-16 02:06:07 (3 months ago)	Too many Status 40X (13) Scanning/Probing (13)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-15 22:59:22 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-15	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-15 11:33:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:33:16.402791 2026] [security2:error] [pid 26766:tid 26766] [client 104.207.35.28:56329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tausiet.com"] [uri "/app/.git/config"] [unique_id "aZGu_MOmlJkTDhesSOeG7QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:26:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:26:26.561985 2026] [security2:error] [pid 23980:tid 23980] [client 104.207.35.28:23057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "supportourlibrary.org"] [uri "/backup/.git/config"] [unique_id "aZFZAjwT-UnuZYnGWIrSngAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:01:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:01:22.525521 2026] [security2:error] [pid 6994:tid 6994] [client 104.207.35.28:16635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "summithost.com"] [uri "/api/.env"] [unique_id "aZFTIh86IlZjBp16b-KFfQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:00:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:00:23.596328 2026] [security2:error] [pid 250824:tid 250886] [client 104.207.35.28:14637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stoborough.com"] [uri "/.env.save"] [unique_id "aZFE17zgCarsQLWpGm2ivAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:42:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:42:14.150072 2026] [security2:error] [pid 21196:tid 21196] [client 104.207.35.28:43597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sporttaekwondo.net"] [uri "/admin/.env"] [unique_id "aZEyho9ClZke88IdYY0nawAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:11:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:11:37.641286 2026] [security2:error] [pid 25804:tid 25804] [client 104.207.35.28:47787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mympizzas.com.mx"] [uri "/.env"] [unique_id "aZErWWeBZTsyjzDA5hWdVgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:20:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:20:17.209835 2026] [security2:error] [pid 13979:tid 13979] [client 104.207.35.28:16753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mundanestudies.org"] [uri "/admin/.env"] [unique_id "aZEfUZ8_CowpStllLO9ekgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 01:06:22 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:40:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:40:50.367336 2026] [security2:error] [pid 22884:tid 22884] [client 104.207.35.28:28189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lucasabrahamsen.org"] [uri "/.env.staging"] [unique_id "aZEWEjJxczpAeeDJFt5-nAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:02:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:02:44.945690 2026] [security2:error] [pid 28855:tid 28855] [client 104.207.35.28:9831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "longleggedblond.com"] [uri "/api/.git/config"] [unique_id "aZENJJrdwIbAb2PV3RnuZQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:48:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:48:53.200749 2026] [security2:error] [pid 14291:tid 14291] [client 104.207.35.28:57495] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "morefrogs.com"] [uri "/app/.git/config"] [unique_id "aZD71SR5hsZ4GgLRz7WPBQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.233.30.19

🇬🇧 217.146.80.105

🇮🇶 212.237.122.17

🇬🇹 200.119.180.20

🇵🇪 190.238.57.126

🇰🇷 183.104.26.197

🇮🇳 143.110.186.36

🇮🇩 103.24.74.145

🇺🇸 65.49.1.115

🇹🇼 220.130.187.188

🇩🇪 213.209.159.56

🇺🇸 205.210.31.51

🇲🇽 187.233.80.19

🇲🇽 186.96.145.241

🇵🇰 162.4.163.62

🇻🇺 138.226.239.11

🇺🇸 138.68.42.188

🇺🇸 137.184.32.56

🇨🇳 116.178.130.188

🇺🇸 66.132.186.140