JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.71

104.207.35.71 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.71

Whois 104.207.35.71

IP Abuse Reports for 104.207.35.71:

This IP address has been reported a total of 139 times from 17 distinct sources. 104.207.35.71 was first reported on June 6th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-14 04:10:02 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-10.104.207.35.71.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 07-10.104.207.35.71.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 octageeks.com	2026-04-25 04:19:58 (1 month ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
Anonymous	2026-03-25 17:32:38 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 MAGIC	2026-03-05 00:29:31 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2026-01-24 01:12:11 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-01-19 20:35:56 (4 months ago)	Forum/form spam	Web Spam
🇺🇸 chronos	2026-01-02 21:30:25 (5 months ago)	[AUTORAVALT][[02/01/2026 - 18:30:24 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104. ... show more [AUTORAVALT][[02/01/2026 - 18:30:24 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104.207.35.71] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various othe] ... show less	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:44 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 08:50:44 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:50:38.589759 2025] [security2:error] [pid 20714:tid 20714] [client 104.207.35.71:31509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lawyerholidaycards.com"] [uri "/.env"] [unique_id "aVJA3mSmE1a_AV91klfqTwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 07:20:15 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 02:20:08.943393 2025] [security2:error] [pid 14684:tid 14684] [client 104.207.35.71:13245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suffolksystems.com"] [uri "/.git/HEAD"] [unique_id "aVIrqF3iVIYFKyx0WLXIswAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:03:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:03:22.606532 2025] [security2:error] [pid 17699:tid 17699] [client 104.207.35.71:16037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heron-ent.com"] [uri "/.svn/wc.db"] [unique_id "aVIZqrS_5Ts9bHzZc0NX8QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:51:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:51:30.897370 2025] [security2:error] [pid 9750:tid 9750] [client 104.207.35.71:53183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martinez-morera.com"] [uri "/.env"] [unique_id "aVII0k-3q6DNmbAI7_I0uQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:36:14 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:36:11.994301 2025] [security2:error] [pid 20047:tid 20047] [client 104.207.35.71:37779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wendeeholtcamp.com"] [uri "/.env"] [unique_id "aVH3KxIylzMaFCeYPyoEFgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-23 13:40:24 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇦🇺 MAGIC	2025-12-20 02:02:01 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 196.51.184.226

🇷🇺 154.83.196.237

🇸🇬 103.189.234.85

🇿🇲 102.150.211.253

🇺🇸 18.144.236.177

🇨🇳 180.114.148.88

🇮🇳 103.187.103.97

🇵🇰 72.255.19.252

🇲🇾 47.254.243.140

🇳🇱 45.148.10.152

🇻🇳 14.224.227.189

🇺🇸 13.58.180.208

🇷🇴 2.57.121.112

🇰🇷 220.80.245.16

🇮🇷 188.121.106.99

🇿🇦 160.226.144.154

🇩🇪 159.89.17.56

🇨🇳 118.123.116.93

🇩🇪 94.16.17.141

🇩🇪 88.214.25.123