JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.3

104.207.35.3 was found in our database!

This IP was reported 105 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.3

Whois 104.207.35.3

IP Abuse Reports for 104.207.35.3:

This IP address has been reported a total of 105 times from 29 distinct sources. 104.207.35.3 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-04 01:26:43 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 21:26:37.378501 2026] [security2:error] [pid 16345:tid 16345] [client 104.207.35.3:43375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.carjinn.net"] [uri "/.env"] [unique_id "aff1zf2YfRmqgq3y4PJw1wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-05-01 03:16:25 (1 month ago)	GET [.env]	Port Scan
🇬🇧 poundawebsiteltd	2026-04-29 07:14:08 (1 month ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 104.207.35.3 - - [29/Apr/2026:08 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 104.207.35.3 - - [29/Apr/2026:08:14:06 +0100] GET / HTTP/1.1 403 3106 - Konqueror/3.0-rc4; (Konqueror/3.0-rc4; i686 Linux;;datecode) show less	Web App Attack
🇫🇷 masterguru	2026-04-28 10:00:16 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.35.3 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.35.3 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇪🇸 librebit	2026-03-24 08:13:57 (2 months ago)	Brute force	Brute-Force
🇦🇺 MAGIC	2026-03-21 00:28:26 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇱 jjnxpct	2026-02-16 04:54:37 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /app/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /app/.env] show less	Hacking Web App Attack
Anonymous	2026-02-15 12:28:05 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.35.3 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 11:31:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:31:48.844230 2026] [security2:error] [pid 6535:tid 6535] [client 104.207.35.3:27465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozera.com"] [uri "/backup/.git/config"] [unique_id "aZGupJ2e5KwJ2IP_TFN3LgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:55:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:54:59.906786 2026] [security2:error] [pid 699699:tid 699719] [client 104.207.35.3:39165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pueblodermatology.com"] [uri "/new/.git/config"] [unique_id "aZGmAz6RhBWn5rx309kUywAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 07:07:29 (3 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-02-15 07:05:12 (3 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇮🇹 mauri64	2026-02-15 07:00:01 (3 months ago)	lfd - (mod_security) mod_security (id:949110) triggered by 104.207.35.3 (-): 5 in the last 3600 secs	Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 06:53:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:53:52.077255 2026] [security2:error] [pid 1842:tid 1842] [client 104.207.35.3:20551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "orchestrateyouraptitudes.com"] [uri "/admin/.env"] [unique_id "aZFtgKsano903lXxS-KywQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:55:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:55:38.651803 2026] [security2:error] [pid 19486:tid 19486] [client 104.207.35.3:62889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omintara.com"] [uri "/api/.env"] [unique_id "aZFf2hWerREPzNC5QFUvuAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 105 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.64.89

🇹🇷 185.233.247.245

🇲🇴 182.93.50.90

🇧🇪 34.76.198.103

🇧🇪 34.53.158.166

🇺🇸 17.33.208.8

🇮🇪 2a05:d018:10df:d402:beb2:325b:7c1f:f46e

🇹🇼 110.25.109.54

🇺🇸 107.150.97.52

🇷🇺 85.113.142.194

🇺🇸 72.227.136.237

🇩🇪 51.195.109.79

🇬🇧 35.203.211.149

🇧🇪 34.53.168.166

🇧🇪 34.52.178.30

🇧🇪 34.38.239.118

🇧🇪 34.14.22.236

🇨🇳 27.47.3.250

🇺🇸 18.222.35.138

🇺🇸 17.33.208.9