JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.201

104.207.35.201 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.201

Whois 104.207.35.201

IP Abuse Reports for 104.207.35.201:

This IP address has been reported a total of 131 times from 16 distinct sources. 104.207.35.201 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-02-18 22:16:49 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-09 12:41:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 07:41:22.038569 2026] [security2:error] [pid 17074:tid 17074] [client 104.207.35.201:22513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamepart.com"] [uri "/backup/.git/config"] [unique_id "aYnV8kYXjYONORTDbo6JQQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:13:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:13:00.576687 2026] [security2:error] [pid 12742:tid 12742] [client 104.207.35.201:16891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabver.com"] [uri "/app/.env"] [unique_id "aYmzLMaD-QHBCvE7xWxi7gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 05:23:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 00:23:02.751937 2026] [security2:error] [pid 1206:tid 1206] [client 104.207.35.201:37797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingworkingcapital.com"] [uri "/dev/.git/config"] [unique_id "aYlvNvL7_1wmhP8YLYvefQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 03:17:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 22:16:57.592339 2026] [security2:error] [pid 32575:tid 32575] [client 104.207.35.201:54169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuegolounge813.com"] [uri "/.env.local"] [unique_id "aYlRqbm19koKHA8GLOYqQAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 02:19:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 21:19:07.104779 2026] [security2:error] [pid 11742:tid 11742] [client 104.207.35.201:38037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/admin/.git/config"] [unique_id "aYlEG4sDcRlbbousaWdtzwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-23 22:03:17 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-03.104.207.35.201.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-03.104.207.35.201.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:54 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇳 Mcshield.org	2025-11-30 23:48:12 (6 months ago)	Possible port scan detected from 104.207.35.201 (masscan/nmap signature)	Email Spam Port Scan
🇺🇸 TPI-Abuse	2025-11-25 06:19:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:19:33.165081 2025] [security2:error] [pid 18712:tid 18712] [client 104.207.35.201:10817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.digitalplanner.xyz"] [uri "/.env"] [unique_id "aSVKdaExRfRQBmr1f3VnyQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:35:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:35:41.851373 2025] [security2:error] [pid 29850:tid 29850] [client 104.207.35.201:41665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.billwegener.net"] [uri "/.svn/wc.db"] [unique_id "aSUyHUPhl-iu0HLfrrRibgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:07:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:06:57.560216 2025] [security2:error] [pid 8684:tid 8684] [client 104.207.35.201:19819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.gensou.net"] [uri "/.git/HEAD"] [unique_id "aSUrYfPnroGYJTfCEsJY6AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:11:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:10:56.257537 2025] [security2:error] [pid 810:tid 810] [client 104.207.35.201:11555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mobresearchinc.com"] [uri "/.git/HEAD"] [unique_id "aSUeQOpw9RRuVSpu6g5mwAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:49:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:49:44.847543 2025] [security2:error] [pid 24789:tid 24789] [client 104.207.35.201:14413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livelovebee.liddlesports.com"] [uri "/.env"] [unique_id "aST9KP7EhtCh9FobiAodKAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-04 15:06:31 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.04 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.180

🇮🇩 69.5.0.120

🇺🇸 64.233.237.249

🇺🇸 192.250.227.24

🇺🇸 130.131.220.95

🇹🇼 123.195.211.202

🇧🇩 103.153.110.190

🇺🇸 76.182.62.190

🇨🇳 27.188.178.138

🇮🇳 180.151.233.90

🇺🇸 173.25.42.30

🇿🇦 102.132.253.164

🇱🇹 81.30.98.49

🇱🇹 62.60.130.14

🇺🇸 20.9.92.37

🇫🇷 176.174.82.116

🇮🇳 143.110.177.177

🇯🇵 119.238.16.248

🇷🇴 80.94.92.186

🇮🇪 52.169.217.131