JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.172

104.207.34.172 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.172

Whois 104.207.34.172

IP Abuse Reports for 104.207.34.172:

This IP address has been reported a total of 137 times from 14 distinct sources. 104.207.34.172 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-03-29 08:35:26 (2 months ago)	Brute force	Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-11-30 13:09:58 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 04:54:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:54:35.242933 2025] [security2:error] [pid 21229:tid 21229] [client 104.207.34.172:27063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "femmefire.vanemby.com"] [uri "/.git/HEAD"] [unique_id "aSU2i1HkBKF5aB29UedjiAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:55:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:55:37.766727 2025] [security2:error] [pid 17611:tid 17611] [client 104.207.34.172:37315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.emisoni.com"] [uri "/.env"] [unique_id "aSUouXVP9nlfT9rPkxYmQwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:11:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:11:46.192023 2025] [security2:error] [pid 3845:tid 3845] [client 104.207.34.172:16247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.valueandmeaning.com"] [uri "/.git/HEAD"] [unique_id "aSUecsiFJoXdwXrNdCMhgwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:28:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:27:59.089949 2025] [security2:error] [pid 12654:tid 12654] [client 104.207.34.172:38351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.awcadvocate.com"] [uri "/.svn/wc.db"] [unique_id "aSUULxG9rObSsnqE9xB-IAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:08:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:08:32.297820 2025] [security2:error] [pid 17022:tid 17055] [client 104.207.34.172:46047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.charliefranks.com"] [uri "/.svn/wc.db"] [unique_id "aSUPoGe42NY3FNbGoYB44gAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:11:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:11:30.663729 2025] [security2:error] [pid 3548:tid 3548] [client 104.207.34.172:28197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.newsfromearth.com"] [uri "/.git/HEAD"] [unique_id "aSUCQgmkKJ9sIOEViF3G1gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:06:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:05:50.399921 2025] [security2:error] [pid 18460:tid 18460] [client 104.207.34.172:13311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.hienle.com"] [uri "/.env"] [unique_id "aSTy3ke1X3bbE915LqaaRwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 12:06:22 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 06:14:20 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-14 07:56:29 (7 months ago)	GlobalProtect login attempts with user ehollenbeck.	VPN IP Brute-Force
Anonymous	2025-10-11 07:14:17 (7 months ago)	Attempted brute force login to web vpn 182 time(s); last attempt for 2025.10.11 is noted in report t ... show more Attempted brute force login to web vpn 182 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 21:36:53 (7 months ago)	Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 180 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-09 23:48:46 (7 months ago)	Attempted brute force login to web vpn 216 time(s); last attempt for 2025.10.09 is noted in report t ... show more Attempted brute force login to web vpn 216 time(s); last attempt for 2025.10.09 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.18

🇺🇸 198.12.65.213

🇳🇱 194.120.230.28

🇨🇳 61.178.209.47

🇳🇱 45.148.10.157

🇩🇪 192.109.200.78

🇩🇪 167.94.146.38

🇺🇸 107.174.245.62

🇭🇰 103.210.237.224

🇸🇬 103.187.146.107

🇺🇸 66.132.195.112

🇺🇸 66.132.172.16

🇯🇵 47.74.13.101

🇬🇧 35.203.211.81

🇶🇦 20.173.116.24

🇮🇷 5.239.173.208

🇺🇸 216.180.246.137

🇫🇮 185.233.82.35

🇺🇸 147.182.183.153

🇳🇱 64.89.162.139