JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.195

104.207.35.195 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.195

Whois 104.207.35.195

IP Abuse Reports for 104.207.35.195:

This IP address has been reported a total of 139 times from 19 distinct sources. 104.207.35.195 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2026-01-26 07:24:04 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇮🇹 VHosting	2026-01-02 16:40:11 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:41:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:40:51.865195 2025] [security2:error] [pid 623:tid 623] [client 104.207.35.195:10061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kevinjewell.com"] [uri "/.svn/wc.db"] [unique_id "aSVBY-gUZKR6P29MJUk4KgAAAGw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:25:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:24:52.731315 2025] [security2:error] [pid 12172:tid 12172] [client 104.207.35.195:17913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.creartest.com"] [uri "/.env"] [unique_id "aSUvlMgKqN2siv8MUtv-vQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:53:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:53:16.929746 2025] [security2:error] [pid 750517:tid 750517] [client 104.207.35.195:42967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kfraser.com"] [uri "/.env"] [unique_id "aSUoLPxvazROR2Csp1sUIwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:07:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:07:07.838843 2025] [security2:error] [pid 22624:tid 22624] [client 104.207.35.195:39693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.club1069radio.com"] [uri "/.env"] [unique_id "aSUPSxcFHAdcEFG1ZqmmowAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:09:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:09:17.727200 2025] [security2:error] [pid 24005:tid 24005] [client 104.207.35.195:16657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jamesrobertparish.com"] [uri "/.svn/wc.db"] [unique_id "aSTzrYIe2tz8dYyp-kv-LgAAAEA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 12:06:25 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-10-31 17:20:13 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.35.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 31 13:20:08.929622 2025] [security2:error] [pid 4553:tid 4553] [client 104.207.35.195:10199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|climasyequipos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "climasyequipos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQTvyKy2V0Yjy-HPpvyIEQAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-10-25 03:52:48 (7 months ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
🇨🇦 wil.com	2025-10-17 12:43:50 (7 months ago)	GlobalProtect login attempts with user fanglade.	VPN IP Brute-Force
Anonymous	2025-10-16 19:42:21 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-11 08:35:07 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 21:53:39 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 16:44:20 (8 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.09 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.58.206.181

🇮🇳 103.89.136.111

🇱🇾 102.211.7.162

🇩🇪 68.183.212.68

🇬🇧 35.203.210.3

🇪🇸 5.56.58.49

🇫🇮 204.168.191.223

🇲🇿 197.219.208.58

🇫🇷 46.105.28.235

🇮🇳 27.123.94.94

🇺🇸 205.210.31.5

🇺🇸 108.167.177.224

🇦🇩 93.123.109.101

🇷🇴 92.118.39.62

🇫🇷 85.69.240.210

🇩🇪 47.254.142.112

🇻🇳 42.96.19.37

🇬🇧 35.203.211.128

🇨🇳 27.21.27.33

🇰🇷 14.54.22.11