JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.76

104.207.35.76 was found in our database!

This IP was reported 160 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.76

Whois 104.207.35.76

IP Abuse Reports for 104.207.35.76:

This IP address has been reported a total of 160 times from 21 distinct sources. 104.207.35.76 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-11 05:17:05 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 relianoid.com	2026-04-28 07:10:13 (1 month ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2026-04-17 21:33:12 (1 month ago)	Forum/form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-02-07 23:51:41 (4 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-01-10 00:58:42 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-12-16 03:41:23 (5 months ago)	2025-12-16T05:41:23.634481+02:00 zanati wp(www.sahpa.co.za)[978041]: Blocked authentication attempt ... show more 2025-12-16T05:41:23.634481+02:00 zanati wp(www.sahpa.co.za)[978041]: Blocked authentication attempt for [email protected] from 104.207.35.76 ... show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 00:32:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 19:32:37.125713 2025] [security2:error] [pid 22797:tid 22797] [client 104.207.35.76:60819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lifeinsmoke.com"] [uri "/.env"] [unique_id "aTduJaTM1M9dP4Z8ujgWJAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:11:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:11:16.220963 2025] [security2:error] [pid 10473:tid 10473] [client 104.207.35.76:13633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fgrotary.org"] [uri "/.git/HEAD"] [unique_id "aTV89JMr75OJpQdAt2NmbQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:31:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:31:20.311110 2025] [security2:error] [pid 8157:tid 8229] [client 104.207.35.76:59151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trolanrestoration.com"] [uri "/.svn/wc.db"] [unique_id "aTKKSO40w3umcRrHQUXmbwAAAdA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 19:58:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 14:58:52.415341 2025] [security2:error] [pid 8750:tid 8750] [client 104.207.35.76:51839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.surviquo.com"] [uri "/.git/HEAD"] [unique_id "aSdb_LRhOZFf8Sk5o3OdJwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 15:55:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 10:55:21.373433 2025] [security2:error] [pid 31072:tid 31072] [client 104.207.35.76:38329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rschaefer.net"] [uri "/.git/HEAD"] [unique_id "aSci6QY9j7twE_SKTy7_xwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:28:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:28:30.970423 2025] [security2:error] [pid 16824:tid 16856] [client 104.207.35.76:13417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.alred.net"] [uri "/.env"] [unique_id "aSbWTs97VZ-sS76jFmyCEQAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:08:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:08:08.615275 2025] [security2:error] [pid 10266:tid 10266] [client 104.207.35.76:10991] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.roguetechhub.com"] [uri "/.env"] [unique_id "aSaZSNkGsecAUoq7LSB_LQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:25:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:25:13.009437 2025] [security2:error] [pid 12394:tid 12394] [client 104.207.35.76:53043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.hongkonger.org"] [uri "/.git/HEAD"] [unique_id "aSZzGcd6czW6SY2LXGMOxQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 160 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 85.217.140.19

🇨🇳 222.186.68.153

🇺🇸 172.236.111.197

🇨🇭 35.216.201.9

🇮🇳 34.100.138.60

🇺🇸 192.210.193.216

🇩🇪 167.94.145.29

🇫🇮 80.66.83.80

🇺🇸 74.7.241.57

🇱🇹 45.227.254.170

🇵🇰 38.100.220.101

🇦🇺 34.151.150.29

🇧🇷 189.113.47.155

🇦🇷 186.13.24.118

🇩🇪 185.168.31.173

🇺🇬 102.36.220.29

🇸🇬 52.237.80.79

🇺🇸 34.174.133.191

🇧🇷 34.95.246.116

🇧🇪 34.77.47.64