JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.92

104.207.35.92 was found in our database!

This IP was reported 153 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.92

Whois 104.207.35.92

IP Abuse Reports for 104.207.35.92:

This IP address has been reported a total of 153 times from 22 distinct sources. 104.207.35.92 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-31 04:02:14 (2 months ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-19 05:12:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:12:29.699105 2026] [security2:error] [pid 7298:tid 7298] [client 104.207.35.92:52453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kraftrentals.com"] [uri "/.env.staging"] [unique_id "aZabvWU1I1M4cn2ZqYFGVgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-19 04:05:36 (3 months ago)	Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 03:16:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:16:05.437403 2026] [security2:error] [pid 7835:tid 7835] [client 104.207.35.92:46205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kevinjewell.com"] [uri "/new/.git/config"] [unique_id "aZaAdS0k3pegc836G42E2QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:53:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:53:09.356803 2026] [security2:error] [pid 15907:tid 15907] [client 104.207.35.92:37357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thumbmotorsales.com"] [uri "/.env.staging"] [unique_id "aZYKlY4ByP975ARC4p1u8gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:27:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:27:43.673287 2026] [security2:error] [pid 5332:tid 5332] [client 104.207.35.92:35217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webjemm.net"] [uri "/backup/.git/config"] [unique_id "aZWwP2FdbfBeQNnodXNU0wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 03:47:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:47:06.034360 2026] [security2:error] [pid 4276:tid 4276] [client 104.207.35.92:31983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertanders.com"] [uri "/config/.env"] [unique_id "aZU2OucUhbdANLzDzC0ICwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-18 02:24:27 (3 months ago)	Blocking for trying to access an exploit file: /backup/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-18 00:56:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:56:50.125677 2026] [security2:error] [pid 3802708:tid 3802740] [client 104.207.35.92:37611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paygulf.com"] [uri "/v2/.git/config"] [unique_id "aZUOUkszKXuwv-DtimK5aAAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-02-16 01:00:07 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇩 Burayot	2026-02-03 04:14:52 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.35.92 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.35.92 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇦🇺 oncord	2026-01-21 07:55:14 (4 months ago)	Form spam	Web Spam
🇦🇺 MAGIC	2026-01-19 02:07:41 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 oncord	2026-01-04 05:53:01 (5 months ago)	Form spam	Web Spam
Anonymous	2025-12-12 16:39:56 (5 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 153 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.45

🇺🇸 195.184.76.200

🇬🇧 185.247.137.100

🇸🇬 84.247.145.61

🇬🇧 81.19.219.206

🇧🇬 79.124.62.126

🇺🇸 52.180.137.77

🇧🇷 45.205.1.17

🇦🇺 35.244.125.61

🇩🇪 34.179.169.61

🇩🇪 34.40.21.167

🇺🇸 206.223.228.199

🇳🇱 192.42.116.107

🇸🇬 178.128.115.84

🇺🇸 173.239.240.155

🇺🇸 172.234.199.190

🇭🇰 114.111.52.109

🇱🇹 81.30.98.144

🇷🇴 80.94.92.164

🇫🇮 74.125.46.19