JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.126

104.207.34.126 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.126

Whois 104.207.34.126

IP Abuse Reports for 104.207.34.126:

This IP address has been reported a total of 148 times from 23 distinct sources. 104.207.34.126 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-19 08:30:12 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇵🇱 sefinek.net	2026-03-25 08:56:30 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-19 05:28:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:28:35.356617 2026] [security2:error] [pid 14051:tid 14051] [client 104.207.34.126:28133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krystalsgiftshopandboutique.net"] [uri "/app/.env"] [unique_id "aZafg4HlPfRrMi1LbaBu9wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 conseilgouz	2026-02-18 23:26:09 (4 months ago)	vee-17 : Block hidden directories=>/.env.staging(/)	Hacking
🇺🇸 TPI-Abuse	2026-02-18 22:55:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 17:55:46.739043 2026] [security2:error] [pid 12729:tid 12729] [client 104.207.34.126:38827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "varalla.com"] [uri "/site/.git/config"] [unique_id "aZZDcg12kgDA8-VfinO3XAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 20:14:52 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:14:49.555388 2026] [security2:error] [pid 3063:tid 3063] [client 104.207.34.126:53615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "transparentforest.com"] [uri "/admin/.env"] [unique_id "aZYduczOKV7rxhXZA78sKQAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:57:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:57:34.259696 2026] [security2:error] [pid 8256:tid 8278] [client 104.207.34.126:63069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "touficcorban.com"] [uri "/test/.git/config"] [unique_id "aZYZrge0_k0zcavpyCeBmAAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:45:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:45:07.868485 2026] [security2:error] [pid 25614:tid 25614] [client 104.207.34.126:38719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thomasandross.com"] [uri "/.env"] [unique_id "aZYIs6eiHWWul0Je9SlMhQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-18 17:07:32 (4 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:10:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:10:24.603344 2026] [security2:error] [pid 24262:tid 24262] [client 104.207.34.126:32207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wbcsnet.com"] [uri "/.env.staging"] [unique_id "aZWsMBvzXu0AGHbS67bOEwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-01-04 06:40:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2026-01-02 13:00:16 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:53 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-24 09:26:11 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:26:04.709148 2025] [security2:error] [pid 243932:tid 243968] [client 104.207.34.126:20011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wrci.newtrendmag.org"] [uri "/.git/HEAD"] [unique_id "aSQkrFc8EtVRkmyAMevmbwAAAQM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 139.170.72.159

🇮🇹 101.57.22.1

🇧🇷 2a09:bac5:aa6:24be::3a9:6a

🇳🇱 185.136.15.10

🇸🇬 172.217.97.24

🇨🇳 120.234.232.184

🇨🇳 106.12.144.153

🇸🇨 45.194.67.26

🇨🇳 36.106.79.55

🇹🇷 5.181.87.106

🇺🇸 195.184.76.133

🇺🇸 195.184.76.69

🇹🇷 194.62.118.180

🇦🇷 190.220.172.154

🇦🇷 181.44.117.67

🇧🇷 177.182.215.42

🇮🇷 151.234.117.115

🇮🇹 151.115.165.172

🇨🇳 139.170.72.49

🇯🇵 124.155.125.131