JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.199

104.207.34.199 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.199

Whois 104.207.34.199

IP Abuse Reports for 104.207.34.199:

This IP address has been reported a total of 149 times from 24 distinct sources. 104.207.34.199 was first reported on June 8th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-02-15 12:10:14 (4 months ago)	Try to access /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:00:54 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:00:51.488818 2026] [security2:error] [pid 23900:tid 23900] [client 104.207.34.199:23299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pamelaweisberg.com"] [uri "/.env.staging"] [unique_id "aZG1c8U-sgAKEp5tLyHp7QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-02-15 11:52:09 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:33:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:33:10.541968 2026] [security2:error] [pid 1118654:tid 1118654] [client 104.207.34.199:9863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "p-co.com"] [uri "/dev/.git/config"] [unique_id "aZGu9kzc9IKgg9HpIweMXgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:35:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:35:16.681677 2026] [security2:error] [pid 31545:tid 31545] [client 104.207.34.199:15635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prospecinspections.com"] [uri "/dev/.git/config"] [unique_id "aZFpJMfOGIQ2yUJ4ZuznnwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:20:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:19:58.429618 2026] [security2:error] [pid 11303:tid 11303] [client 104.207.34.199:45655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scifitimeline.com"] [uri "/.env.save"] [unique_id "aZFljlxGpEhs_tzpxciOEAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:26:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:26:37.711214 2026] [security2:error] [pid 29631:tid 29631] [client 104.207.34.199:28729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandboxspeech.org"] [uri "/.env.staging"] [unique_id "aZFK_enQZhEjIK0-4ipk7wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:59:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:59:09.243368 2026] [security2:error] [pid 29422:tid 29422] [client 104.207.34.199:35751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notepromd.com"] [uri "/app/.git/config"] [unique_id "aZFEjdy3cQoYq8bXwwco1gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:14:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:14:08.970213 2026] [security2:error] [pid 16309:tid 16309] [client 104.207.34.199:13425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sabbathseminars.net"] [uri "/test/.git/config"] [unique_id "aZE6AK3vS7pkmf6rjbohoQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:40:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:39:56.899092 2026] [security2:error] [pid 16629:tid 16651] [client 104.207.34.199:38483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumeraproductions.com"] [uri "/.env.staging"] [unique_id "aZEx_I0dBptQCLod9Kq-SgAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 piticu iuli	2026-02-15 02:32:14 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.34.199 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 02:13:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:13:53.607593 2026] [security2:error] [pid 22840:tid 22840] [client 104.207.34.199:27555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newmooncafe.com"] [uri "/admin/.env"] [unique_id "aZEr4VghZoxrAen69kX4RAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:48:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:48:45.826150 2026] [security2:error] [pid 4732:tid 4732] [client 104.207.34.199:30147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "piratecostumesonline.com"] [uri "/frontend/.env"] [unique_id "aZEl_dYQpLmPn0Fe13DuRAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-15 01:41:42 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.34.199 (US/United States/-)	SQL Injection
🇨🇭 Origon	2026-02-15 01:23:49 (4 months ago)	http-sensitive-files - IP: 104.207.34.199 - time="2026-02-15T02:23:49+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.34.199 - time="2026-02-15T02:23:49+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.34.199 (US/200373) : 4h ban on Ip 104.207.34.199" module=db show less	Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.191.19

🇰🇷 175.207.215.60

🇺🇸 172.190.89.127

🇳🇱 172.94.9.74

🇮🇳 171.61.19.165

🇺🇸 147.185.132.253

🇺🇸 45.156.129.92

🇩🇴 38.44.240.149

🇨🇱 173.194.91.150

🇺🇸 162.216.150.194

🇺🇸 146.190.149.252

🇰🇷 121.164.135.251

🇨🇳 118.196.48.68

🇨🇳 116.179.37.235

🇨🇳 116.179.37.153

🇺🇸 103.143.10.140

🇩🇪 82.165.109.70

🇺🇸 45.43.58.160

🇰🇷 218.148.106.182

🇫🇷 194.59.31.117