JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.112

104.207.34.112 was found in our database!

This IP was reported 161 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.112

Whois 104.207.34.112

IP Abuse Reports for 104.207.34.112:

This IP address has been reported a total of 161 times from 23 distinct sources. 104.207.34.112 was first reported on June 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2026-01-23 07:28:17 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-07 20:48:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 15:48:51.917027 2026] [security2:error] [pid 21048:tid 21048] [client 104.207.34.112:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "upskirtcrazy.com"] [uri "/.env"] [unique_id "aV7GswjvmrE9c_4Z3nBl3gAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 chronos	2026-01-02 21:30:16 (5 months ago)	[AUTORAVALT][[02/01/2026 - 18:30:16 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104. ... show more [AUTORAVALT][[02/01/2026 - 18:30:16 -03:00 UTC] Attack from [RIPE Network Coordination Centre] [104.207.34.112] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various oth] ... show less	Hacking Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-31 00:35:10 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇭🇷 IgorS.zg.hr	2025-12-30 13:05:21 (5 months ago)	Web application attack detected by fail2ban	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 10:53:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 05:53:15.497673 2025] [security2:error] [pid 19550:tid 19550] [client 104.207.34.112:31159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "el-pen.com"] [uri "/.svn/wc.db"] [unique_id "aVJdm7jiwn__gQrHArpACAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:36:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:36:12.991902 2025] [security2:error] [pid 28661:tid 28661] [client 104.207.34.112:37657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spotsysanta.com"] [uri "/.env"] [unique_id "aVI9fAQjzJtxAEKLd3-qJgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-29 06:52:06 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-29 06:28:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:27:54.995162 2025] [security2:error] [pid 25292:tid 25292] [client 104.207.34.112:26521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asbechiro.com"] [uri "/.env"] [unique_id "aVIfakBmm3oMuiYb4j3ORQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:02:55 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:02:52.126400 2025] [security2:error] [pid 19932:tid 19932] [client 104.207.34.112:21033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dgroupsa.com"] [uri "/.git/HEAD"] [unique_id "aVIZjBKaywsuQTUbhJ0pgAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:37:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:37:50.215111 2025] [security2:error] [pid 12265:tid 12265] [client 104.207.34.112:56765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honeybeeplace.com"] [uri "/.git/HEAD"] [unique_id "aVITrteBNY1pH4breDZr-gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:18:11 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:18:06.294261 2025] [security2:error] [pid 11898:tid 11898] [client 104.207.34.112:47817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cnwire.com"] [uri "/.svn/wc.db"] [unique_id "aVIPDkpgRq6ovdKWkmMagAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2025-12-29 04:56:10 (5 months ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 04:40:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:40:38.683903 2025] [security2:error] [pid 9687:tid 9687] [client 104.207.34.112:27711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jmwilliamsrealty.com"] [uri "/.env"] [unique_id "aVIGRsRYt6TeiLez-svSKAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:13:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:13:37.509879 2025] [security2:error] [pid 2880:tid 2880] [client 104.207.34.112:16427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jimpharris.com"] [uri "/.env"] [unique_id "aVH_8UOfd1D2F3X792FA-AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 161 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 213.35.123.95

🇧🇷 177.66.173.25

🇨🇳 112.123.106.166

🇨🇳 112.97.203.199

🇨🇳 60.166.82.223

🇦🇺 54.66.7.35

🇯🇵 18.181.249.159

🇺🇸 13.52.79.117

🇬🇧 2a06:4880:8000::a4

🇺🇸 216.24.212.30

🇺🇸 208.84.100.251

🇨🇭 186.190.215.90

🇷🇺 176.109.97.11

🇻🇳 103.63.108.25

🇯🇵 54.249.193.245

🇺🇸 54.193.68.76

🇩🇪 45.130.202.75

🇬🇧 35.203.210.164

🇺🇸 20.64.106.118

🇩🇪 18.198.202.13