JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.242

104.207.35.242 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.242

Whois 104.207.35.242

IP Abuse Reports for 104.207.35.242:

This IP address has been reported a total of 130 times from 14 distinct sources. 104.207.35.242 was first reported on June 11th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 03:54:49 (9 hours ago)	Web App Attack	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-18 22:01:20 (1 month ago)	Auto-ban: >3000 req/min op 2026-05-18	Web App Attack SSH Hacking
🇺🇸 nowyouknow	2026-04-17 08:47:59 (2 months ago)	(From [email protected]) Hi Michael C. Smatt, DC, I’ve built and trained an AI employee ... show more (From [email protected]) Hi Michael C. Smatt, DC, I’ve built and trained an AI employee specifically for Michael C. Smatt, DC. It’s already been trained on 6+ hours worth of your publicly available data — your website, Google Business Profile, and more. It knows how to answer customer questions, capture leads, and even follow up — just like a team member would. This isn’t a sales call. It’s a 20-minute demo where you can actually interact with the AI employee and see what it can do. Would today or tomorrow work for a quick walkthrough? Schedule a time on my calendar to meet the agent I trained for you and see what she can do here: getdandy.com/ff-trained-agent or call me at (949)-755-7782 Talk soon, Thank you, Jennifer O'Brien \| Director of Operations GetDandy getdandy.com/ff-trained-agent Unsubscribe here: bit.ly/42wnUsa show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2026-02-20 05:29:09 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 00:29:01.752601 2026] [security2:error] [pid 9336:tid 9336] [client 104.207.35.242:22475] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|apsni.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "apsni.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfxHfNCNQm_tnqJEdop3AAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-01-13 00:02:22 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇪🇸 10dencehispahard SL	2026-01-12 06:38:29 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-14 23:29:58 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-25 05:27:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:26:56.187838 2025] [security2:error] [pid 6780:tid 6780] [client 104.207.35.242:57225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cbcfargo.com"] [uri "/.svn/wc.db"] [unique_id "aSU-ID_TdwTnkIPbvbApUgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:08:54 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:08:39.226558 2025] [security2:error] [pid 620:tid 620] [client 104.207.35.242:24477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jam-pak.com"] [uri "/.env"] [unique_id "aSUrxyWlrI1kODNND6p2xQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:08:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:08:18.972969 2025] [security2:error] [pid 19702:tid 19702] [client 104.207.35.242:27987] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.linhsbridal.com"] [uri "/.svn/wc.db"] [unique_id "aSUdopIKXptFl9C5JsOQygAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:41:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:41:19.905225 2025] [security2:error] [pid 16406:tid 16406] [client 104.207.35.242:18729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.deltasouls.com"] [uri "/.git/HEAD"] [unique_id "aSUXT_i4W6zvBw4EL9kDIwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:20:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:20:14.389806 2025] [security2:error] [pid 10094:tid 10094] [client 104.207.35.242:52397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dpcreamery.com"] [uri "/.svn/wc.db"] [unique_id "aSUSXr8C3gi4sAqbi28vyQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-01 12:29:35 (7 months ago)	Attempted brute force login to web vpn 13 time(s); last attempt for 2025.11.01 is noted in report ti ... show more Attempted brute force login to web vpn 13 time(s); last attempt for 2025.11.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-26 17:58:46 (7 months ago)	Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.26 is noted in report ti ... show more Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.26 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-23 18:07:15 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.23 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.23 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.206

🇧🇷 179.63.180.254

🇮🇪 176.34.218.138

🇫🇷 91.231.89.213

🇳🇱 45.148.10.147

🇺🇸 18.221.179.104

🇺🇦 185.218.138.19

🇺🇦 176.103.6.176

🇳🇱 172.94.9.55

🇵🇰 154.57.223.59

🇭🇰 152.32.225.108

🇹🇷 87.232.125.97

🇹🇭 61.7.144.60

🇬🇧 35.203.211.63

🇺🇸 23.95.50.198

🇺🇸 3.220.148.166

🇸🇬 172.188.89.41

🇸🇬 152.42.240.74

🇩🇪 69.5.169.239

🇧🇷 45.205.1.76