JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.145

104.207.34.145 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.145

Whois 104.207.34.145

IP Abuse Reports for 104.207.34.145:

This IP address has been reported a total of 127 times from 14 distinct sources. 104.207.34.145 was first reported on June 6th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Carsten	2026-05-30 11:39:25 (1 week ago)	GET [wp.sql]	Port Scan
Anonymous	2026-04-12 06:30:39 (1 month ago)	Attempt to scan vulnerabilities	Hacking
Anonymous	2026-04-12 06:00:32 (1 month ago)	Sensitive file access attempt	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:43 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇷 Thaliruth	2025-11-27 19:24:33 (6 months ago)	default:80 104.207.34.145 - - [27/Nov/2025:20:24:32 +0100] "GET /.aws/credentials HTTP/1.0" 404 421 ... show more default:80 104.207.34.145 - - [27/Nov/2025:20:24:32 +0100] "GET /.aws/credentials HTTP/1.0" 404 421 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" 104.207.34.145 - - [27/Nov/2025:20:24:32 +0100] "GET /.aws/credentials HTTP/1.1" 404 257 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:53:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:57.824636 2025] [security2:error] [pid 26133:tid 26133] [client 104.207.34.145:47301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.left-hander.com"] [uri "/.env"] [unique_id "aSQOneTEYBrdTRgal-xyuQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:46:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:45:58.969791 2025] [security2:error] [pid 14518:tid 14518] [client 104.207.34.145:46871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nsightsound.com"] [uri "/.svn/wc.db"] [unique_id "aSPxFn0oqq84rytWUS6eGgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:30:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:30:28.349245 2025] [security2:error] [pid 9639:tid 9639] [client 104.207.34.145:19933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thomasgardner.com"] [uri "/.git/HEAD"] [unique_id "aSPtdDsfXSrUNINMzWiDlwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:33:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:44.623526 2025] [security2:error] [pid 26000:tid 26000] [client 104.207.34.145:59067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.xpd.us"] [uri "/.env"] [unique_id "aSPf7KNFcZYbvgQkXopUXAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:34:17 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 08:22:07 (7 months ago)	104.207.34.145 - - [18/Oct/2025:08:22:06 +0000] "GET /bothole/stinkwell.php?t=%27nvOpzp;%20AND%201=1 ... show more 104.207.34.145 - - [18/Oct/2025:08:22:06 +0000] "GET /bothole/stinkwell.php?t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&start=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), HTTP/1.1" 307 6100 "https://atari-forum.com/viewtopic.php?t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&start=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO))," "-" ... show less	SQL Injection
Anonymous	2025-10-18 04:43:56 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 11:39:22 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-16 05:32:44 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-10 21:43:18 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.26

🇳🇱 192.42.116.21

🇿🇦 168.210.180.87

🇭🇰 165.154.20.228

🇺🇸 146.190.63.248

🇺🇸 107.173.21.254

🇮🇷 85.133.193.72

🇱🇹 81.30.98.44

🇺🇸 50.62.22.47

🇰🇷 210.223.246.115

🇧🇷 187.95.4.243

🇧🇪 172.253.215.23

🇩🇪 156.236.31.85

🇺🇸 147.185.132.123

🇺🇸 146.19.39.254

🇻🇳 116.110.154.182

🇨🇳 101.96.200.56

🇨🇭 85.5.148.125

🇫🇷 62.210.124.132

🇧🇷 205.210.31.236