JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.199

104.207.34.199 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.199

Whois 104.207.34.199

IP Abuse Reports for 104.207.34.199:

This IP address has been reported a total of 149 times from 24 distinct sources. 104.207.34.199 was first reported on June 8th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-02-15 12:10:14 (3 months ago)	Try to access /app/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:00:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:00:51.488818 2026] [security2:error] [pid 23900:tid 23900] [client 104.207.34.199:23299] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pamelaweisberg.com"] [uri "/.env.staging"] [unique_id "aZG1c8U-sgAKEp5tLyHp7QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-02-15 11:52:09 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:33:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:33:10.541968 2026] [security2:error] [pid 1118654:tid 1118654] [client 104.207.34.199:9863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "p-co.com"] [uri "/dev/.git/config"] [unique_id "aZGu9kzc9IKgg9HpIweMXgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:35:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:35:16.681677 2026] [security2:error] [pid 31545:tid 31545] [client 104.207.34.199:15635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prospecinspections.com"] [uri "/dev/.git/config"] [unique_id "aZFpJMfOGIQ2yUJ4ZuznnwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:20:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:19:58.429618 2026] [security2:error] [pid 11303:tid 11303] [client 104.207.34.199:45655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scifitimeline.com"] [uri "/.env.save"] [unique_id "aZFljlxGpEhs_tzpxciOEAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:26:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:26:37.711214 2026] [security2:error] [pid 29631:tid 29631] [client 104.207.34.199:28729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandboxspeech.org"] [uri "/.env.staging"] [unique_id "aZFK_enQZhEjIK0-4ipk7wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:59:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:59:09.243368 2026] [security2:error] [pid 29422:tid 29422] [client 104.207.34.199:35751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notepromd.com"] [uri "/app/.git/config"] [unique_id "aZFEjdy3cQoYq8bXwwco1gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:14:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:14:08.970213 2026] [security2:error] [pid 16309:tid 16309] [client 104.207.34.199:13425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sabbathseminars.net"] [uri "/test/.git/config"] [unique_id "aZE6AK3vS7pkmf6rjbohoQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:40:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:39:56.899092 2026] [security2:error] [pid 16629:tid 16651] [client 104.207.34.199:38483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plumeraproductions.com"] [uri "/.env.staging"] [unique_id "aZEx_I0dBptQCLod9Kq-SgAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 piticu iuli	2026-02-15 02:32:14 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.34.199 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 02:13:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:13:53.607593 2026] [security2:error] [pid 22840:tid 22840] [client 104.207.34.199:27555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newmooncafe.com"] [uri "/admin/.env"] [unique_id "aZEr4VghZoxrAen69kX4RAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:48:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:48:45.826150 2026] [security2:error] [pid 4732:tid 4732] [client 104.207.34.199:30147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "piratecostumesonline.com"] [uri "/frontend/.env"] [unique_id "aZEl_dYQpLmPn0Fe13DuRAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-15 01:41:42 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.34.199 (US/United States/-)	SQL Injection
🇨🇭 Origon	2026-02-15 01:23:49 (3 months ago)	http-sensitive-files - IP: 104.207.34.199 - time="2026-02-15T02:23:49+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.34.199 - time="2026-02-15T02:23:49+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.34.199 (US/200373) : 4h ban on Ip 104.207.34.199" module=db show less	Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 195.3.220.7

🇬🇧 185.166.42.209

🇺🇸 185.8.107.58

🇩🇪 167.94.145.30

🇺🇸 124.198.131.39

🇨🇳 221.6.32.34

🇨🇳 218.0.56.78

🇵🇦 190.32.236.66

🇭🇰 172.253.237.19

🇨🇳 171.15.131.165

🇦🇺 158.178.141.16

🇿🇦 129.232.165.250

🇳🇱 45.153.34.195

🇳🇱 45.153.34.112

🇪🇪 31.59.160.12

🇨🇳 220.197.78.124

🇧🇩 182.48.68.82

🇵🇪 149.34.48.186

🇵🇱 144.31.29.125

🇺🇸 142.4.31.180