JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.35.97

104.207.35.97 was found in our database!

This IP was reported 151 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.35.97

Whois 104.207.35.97

IP Abuse Reports for 104.207.35.97:

This IP address has been reported a total of 151 times from 21 distinct sources. 104.207.35.97 was first reported on June 3rd 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 07:04:57 (2 weeks ago)	Brute force	Brute-Force
🇬🇧 PeravixGroup	2026-05-03 01:31:43 (1 month ago)	Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HI ... show more Honeypot detection: Memcached unauthorized access / amplification attempt on port 2375. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇪🇸 librebit	2026-04-12 21:47:57 (1 month ago)	Brute force	Brute-Force
🇺🇸 Mundo Bueno	2026-04-05 02:43:16 (2 months ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: US \| UA: PHP/5.3.03	Hacking Web App Attack
🇧🇷 hostseries	2025-12-24 06:55:55 (5 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇵🇱 sefinek.net	2025-12-19 07:49:58 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 _ArminS_	2025-12-14 00:05:38 (5 months ago)	SP-Scan 46961:2083 detected 2025.12.14 01:05:38 blocked until 2026.02.01 18:08:25	Port Scan
🇵🇱 IROK	2025-12-11 23:19:02 (5 months ago)	Firewall Blocked - Unauthorized Port Scanning ...	Port Scan
🇬🇧 openstrike.co.uk	2025-12-10 08:48:17 (5 months ago)	9 packets to port 2083	Port Scan
Anonymous	2025-12-07 16:08:42 (5 months ago)	botnet	DDoS Attack
🇺🇸 xmission.com	2025-11-25 07:37:59 (6 months ago)	Blocked by UFW (TCP on 80) Source port: 52651 TTL: 53 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 52651 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 104.207.35.97) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:13:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:13:31.561708 2025] [security2:error] [pid 885711:tid 885711] [client 104.207.35.97:34993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hppagewideprinting.com"] [uri "/.svn/wc.db"] [unique_id "aSVJC08u8PiQi-igiRkXCgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:48:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:48:51.820009 2025] [security2:error] [pid 16971:tid 16971] [client 104.207.35.97:21381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.raindropscrubs.linhsbridal.com"] [uri "/.git/HEAD"] [unique_id "aSVDQ-TOItzqU9nCi6Mx_wAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:28:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:28:39.645131 2025] [security2:error] [pid 7331:tid 7331] [client 104.207.35.97:53579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ourodyssey.us"] [uri "/.svn/wc.db"] [unique_id "aSU-hyw1B4R9kRt6JzuhIAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:38:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.35.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:38:08.049730 2025] [security2:error] [pid 25647:tid 25647] [client 104.207.35.97:59479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.chevronparkett.com"] [uri "/.git/HEAD"] [unique_id "aSUysDrbfgVb3cIt-Hp-HgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 151 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.53

🇩🇪 213.209.159.56

🇨🇭 209.99.190.200

🇨🇳 180.76.202.69

🇧🇷 168.197.205.20

🇸🇬 138.2.98.41

🇭🇰 101.79.167.192

🇳🇱 195.178.110.30

🇮🇩 180.148.24.118

🇺🇸 172.217.107.156

🇨🇳 120.92.105.170

🇻🇳 103.176.179.183

🇭🇰 8.217.192.50

🇬🇧 193.176.29.16

🇸🇦 87.109.145.25

🇯🇵 54.248.17.61

🇺🇸 44.254.217.77

🇺🇸 32.199.170.134

🇭🇰 199.45.154.179

🇮🇳 182.95.232.18