JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.49

104.207.35.49 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.49

Whois 104.207.35.49

IP Abuse Reports for 104.207.35.49:

This IP address has been reported a total of 149 times from 20 distinct sources. 104.207.35.49 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-01 21:17:25 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-18 02:29:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 21:29:37.306569 2026] [security2:error] [pid 7732:tid 7732] [client 104.207.35.49:64369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renperfco.com"] [uri "/frontend/.env"] [unique_id "aZUkEVNWRsKLTQvMpvGFGQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:54:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:54:35.066710 2026] [security2:error] [pid 2922188:tid 2922188] [client 104.207.35.49:56385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paxbrewing.com"] [uri "/.env.save"] [unique_id "aZUNyxcFG-cbmSoyjvVAyQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:00:23 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 04:47:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:47:18.791169 2026] [security2:error] [pid 15951:tid 15951] [client 104.207.35.49:53635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnawebinc.com"] [uri "/app/.git/config"] [unique_id "aYq4Vp2DIZuCIOYQe3yT7QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:23:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:23:21.016553 2026] [security2:error] [pid 1968:tid 1968] [client 104.207.35.49:33397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kircali.net"] [uri "/.env.production"] [unique_id "aYqkqSflSt_BaNIP6RYprwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:50:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:50:25.310292 2026] [security2:error] [pid 1398003:tid 1398003] [client 104.207.35.49:53743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonworkshopwest.com"] [uri "/dev/.git/config"] [unique_id "aYqc8XDcQNtEoays4zh5agAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:24:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:24:21.524113 2026] [security2:error] [pid 27021:tid 27021] [client 104.207.35.49:48909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keidar.com"] [uri "/admin/.git/config"] [unique_id "aYpspTX4KYu9RQYTFeEFWwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-22 18:26:27 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 techboy117	2025-11-14 00:51:07 (6 months ago)	Blocking due to password spraying.	Brute-Force
Anonymous	2025-10-27 18:17:59 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.27 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.27 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-21 18:15:50 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.21 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-19 01:17:43 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.19 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 11:48:16 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.8.107.155

🇻🇳 160.30.113.59

🇻🇳 115.77.111.2

🇻🇳 103.186.101.237

🇺🇸 40.124.173.251

🇺🇸 135.119.235.82

🇺🇸 124.198.132.189

🇱🇹 62.60.130.210

🇺🇸 52.248.40.89

🇺🇸 20.168.7.107

🇺🇸 20.80.83.115

🇧🇴 190.181.25.210

🇯🇴 176.29.27.42

🇩🇪 167.94.145.23

🇺🇸 165.154.36.105

🇨🇳 115.190.165.143

🇩🇪 87.182.69.204

🇧🇷 45.140.193.156

🇺🇸 2604:a880:400:d1:0:4:8c0b:1001

🇺🇸 185.180.141.49