JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.57

104.207.35.57 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.57

Whois 104.207.35.57

IP Abuse Reports for 104.207.35.57:

This IP address has been reported a total of 147 times from 21 distinct sources. 104.207.35.57 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-03-28 05:46:22 (2 months ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 104.207.35.57 (US/Un ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 104.207.35.57 (US/United States/-) show less	Bad Web Bot
Anonymous	2026-03-27 12:15:03 (2 months ago)	Forum/form spam	Web Spam
🇧🇷 hostseries	2026-01-16 17:34:44 (5 months ago)	Trigger: LF_DISTATTACK	Brute-Force
Anonymous	2026-01-11 19:01:57 (5 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2026-01-10 18:09:07 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2025-11-27 20:43:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:43:03.478154 2025] [security2:error] [pid 19292:tid 19292] [client 104.207.35.57:30651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "computerpartsrecovery.com"] [uri "/.svn/wc.db"] [unique_id "aSi316oURVRuEehdYDCv-wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:56:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:56:22.161483 2025] [security2:error] [pid 10803:tid 10803] [client 104.207.35.57:38985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.webtony.net"] [uri "/.git/HEAD"] [unique_id "aSU29s6aSF5eCrGkz5owYQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:25:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:25:16.061127 2025] [security2:error] [pid 26474:tid 26474] [client 104.207.35.57:46903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rodzillacharters.com"] [uri "/.git/HEAD"] [unique_id "aSUvrIPeQZQEfmyHGZrRgAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:24:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:24:47.084876 2025] [security2:error] [pid 14103:tid 14103] [client 104.207.35.57:51547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.garnetcreek.com"] [uri "/.env"] [unique_id "aSUhf4BctHTFGD8ayHq3hQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ingroscart.it	2025-11-25 03:15:50 (6 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.35.57 (US/United States/-)	SQL Injection
🇱🇻 garmtech.com	2025-11-25 02:58:03 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:00:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:00:38.057397 2025] [security2:error] [pid 10826:tid 10826] [client 104.207.35.57:45937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nlc-calumet.org.dhsgrad.net"] [uri "/.env"] [unique_id "aSUNxgK6YufGoyFS6vvZ7QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 11:38:41 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.18 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 LRob.fr	2025-11-15 03:36:06 (7 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:10:43 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇬 213.131.76.71

🇰🇷 210.123.87.143

🇨🇳 182.138.158.128

🇩🇪 178.105.200.202

🇨🇳 120.82.82.241

🇨🇳 101.22.211.233

🇳🇱 91.92.40.11

🇺🇸 65.111.1.117

🇮🇳 52.140.47.13

🇮🇳 49.207.40.162

🇳🇱 45.156.128.5

🇺🇸 186.179.59.146

🇨🇳 182.113.114.172

🇭🇰 112.121.190.72

🇬🇧 86.161.118.142

🇵🇱 83.168.88.21

🇺🇸 74.235.117.106

🇬🇧 35.203.210.5

🇫🇷 2a10:4646:190::e69d:ea16

🇨🇳 210.16.168.11