JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.38

104.207.35.38 was found in our database!

This IP was reported 165 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.38

Whois 104.207.35.38

IP Abuse Reports for 104.207.35.38:

This IP address has been reported a total of 165 times from 21 distinct sources. 104.207.35.38 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-02 21:07:59 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.35.38 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.35.38 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 masterguru	2026-03-27 10:23:59 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.35.38 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.35.38 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-03-25 18:18:03 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.35.38 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.35.38 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇺🇸 TPI-Abuse	2026-02-18 06:15:16 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 01:15:13.192537 2026] [security2:error] [pid 3942:tid 3942] [client 104.207.35.38:35049] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|chameleonpcs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chameleonpcs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZVY8cg_rSSZPYq72hgJmQAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-02-07 01:26:04 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-24 00:08:07 (5 months ago)	wordpress-trap	Web App Attack
🇳🇱 i-turnradio.nl	2025-12-19 17:22:19 (5 months ago)	2025-12-19 @ 18:22:18 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack
Anonymous	2025-12-10 23:26:37 (5 months ago)	botnet	DDoS Attack
🇨🇭 backslash	2025-12-09 11:10:08 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 17:45:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:44:55.991212 2025] [security2:error] [pid 17613:tid 17613] [client 104.207.35.38:43993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "box903.com"] [uri "/.env"] [unique_id "aS8llzSxqZdnkZFnJ5rgUgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:39:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:39:01.617015 2025] [security2:error] [pid 13469:tid 13469] [client 104.207.35.38:39091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whodatnation.com"] [uri "/.git/HEAD"] [unique_id "aS5tZRgzK4aCCVZCs4y6lwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:12:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:12:24.000739 2025] [security2:error] [pid 10365:tid 10365] [client 104.207.35.38:44451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kinesiologiaenmovimiento.com"] [uri "/.git/HEAD"] [unique_id "aSUsp6wD0fhvZcbTDDlYtgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:36:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:36:33.507631 2025] [security2:error] [pid 26489:tid 26489] [client 104.207.35.38:37333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.archmediaptyltd.com"] [uri "/.env"] [unique_id "aSUkQQksFfVYTbV6F0hXjQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:15:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:15:52.902176 2025] [security2:error] [pid 28279:tid 28279] [client 104.207.35.38:40689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mosherpit.com"] [uri "/.svn/wc.db"] [unique_id "aSUfaEaKZzgv5hD_rz-ecgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:31:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:31:12.280409 2025] [security2:error] [pid 16368:tid 16368] [client 104.207.35.38:57565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nodepot.com"] [uri "/.env"] [unique_id "aSUU8HiHhTaDbgdIP3qJBgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 165 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 200.77.172.159

🇱🇹 81.30.98.44

🇷🇴 80.94.92.233

🇺🇸 34.20.137.183

🇳🇱 195.178.110.30

🇩🇪 165.154.164.79

🇨🇳 117.72.211.35

🇨🇳 106.13.121.200

🇳🇱 64.89.162.172

🇺🇸 34.174.42.97

🇹🇼 34.80.31.254

🇺🇸 162.217.166.60

🇨🇳 116.140.210.113

🇨🇳 101.96.200.56

🇷🇴 80.94.92.177

🇰🇷 49.254.50.11

🇮🇩 36.64.190.82

🇺🇸 17.241.227.52

🇺🇿 5.133.121.104

🇺🇸 198.98.62.211