JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.188

104.207.34.188 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 44%: ?

44%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.188

Whois 104.207.34.188

IP Abuse Reports for 104.207.34.188:

This IP address has been reported a total of 157 times from 27 distinct sources. 104.207.34.188 was first reported on June 11th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lostswordfish.com	2026-06-19 21:28:03 (1 day ago)	Wordfence waf block on kcuar	Web App Attack
Anonymous	2026-06-19 18:31:51 (1 day ago)	[osotir.org] httpd-login-spray-site: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.lo ... show more [osotir.org] httpd-login-spray-site: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; samples=site_wide=true \| distinct_ips=12 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-18 16:33:20 (2 days ago)	(y4) Failed scan -byebye- from 104.207.34.188 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-17 02:02:55 (4 days ago)	(y4) Failed scan -byebye- from 104.207.34.188 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-06-15 20:13:11 (5 days ago)	(y4) Failed scan -byebye- from 104.207.34.188 (US/United States/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-14 12:07:54 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.34.188: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.34.188: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 14 15:07:52.888829 2026] [security2:error] [pid 921869:tid 921957] [client 104.207.34.188:31691] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.fashionfragonard.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.fashionfragonard.gr"] [uri "/wp-login.php"] [unique_id "ai6ZmF7fuOvzHSXykmymnwAAAAw"], referer: https://mail.fashionfragonard.gr/wp-login.php show less	Port Scan
🇳🇿 billyborsht	2026-06-13 02:47:44 (1 week ago)	2026-06-13T14:47:43.360124+12:00 southern wordpress(klezmer.co.nz)[677884]: Authentication attempt f ... show more 2026-06-13T14:47:43.360124+12:00 southern wordpress(klezmer.co.nz)[677884]: Authentication attempt for unknown user wpadminerlzp from 104.207.34.188 ... show less	Hacking Web App Attack
🇭🇺 bcsaba	2026-06-12 23:37:00 (1 week ago)	CMS (WordPress or Joomla) login attempt. 104.207.34.188 - - [13/Jun/2026:01:36:59 +0200] "POST /wp-l ... show more CMS (WordPress or Joomla) login attempt. 104.207.34.188 - - [13/Jun/2026:01:36:59 +0200] "POST /wp-login.php HTTP/1.1" 200 3521 "https://REDACTED/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" show less	Hacking Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-12 15:36:49 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.34.188: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.34.188: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 18:36:44.203341 2026] [security2:error] [pid 351324:tid 351501] [client 104.207.34.188:10095] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.pankoskal.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.pankoskal.gr"] [uri "/wp-login.php"] [unique_id "aiwnjK6PDvwc_i5kBP4zNAAAAMM"], referer: https://mail.pankoskal.gr/wp-login.php show less	Port Scan
🇬🇷 setupgr	2026-06-12 00:55:01 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.34.188: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.34.188: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 03:54:59.622902 2026] [security2:error] [pid 52837:tid 52988] [client 104.207.34.188:20313] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitY46xogjHUCwCkDflbewAAAIY"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
🇫🇷 pm33	2026-06-10 16:22:36 (1 week ago)	Wordpress login attempts	Brute-Force
🇺🇸 mnsf	2026-06-10 00:09:48 (1 week ago)	Scanning/Probing (24)	Brute-Force Web App Attack
Anonymous	2026-04-12 06:20:31 (2 months ago)	Attempt to scan vulnerabilities	Hacking
🇺🇸 TPI-Abuse	2026-02-24 11:14:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 06:14:04.043661 2026] [security2:error] [pid 15975:tid 15975] [client 104.207.34.188:50589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nhgfd.banis-associates.com"] [uri "/.git/config"] [unique_id "aZ2H_H7cTdlL5ywGlPgl6QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-24 08:48:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 03:47:56.351222 2026] [security2:error] [pid 29275:tid 29275] [client 104.207.34.188:22059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holgerfeld.internetnameregistration.com"] [uri "/.git/config"] [unique_id "aZ1lvB8r6OsTbJsJXKNCywAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 213.221.155.84

🇩🇪 213.209.159.227

🇸🇪 213.100.194.117

🇻🇳 160.30.160.196

🇨🇳 123.187.243.243

🇵🇱 92.55.226.167

🇺🇸 66.132.172.118

🇸🇬 45.78.201.248

🇭🇰 43.155.24.42

🇧🇷 189.1.139.42

🇺🇸 185.191.171.14

🇨🇳 150.255.95.183

🇺🇸 136.113.214.39

🇮🇱 130.185.102.59

🇮🇳 47.31.93.121

🇭🇰 199.45.155.70

🇵🇰 139.135.45.40

🇿🇦 105.233.66.167

🇳🇱 45.148.10.151

🇺🇸 23.251.34.171