JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.20

104.207.34.20 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.20

Whois 104.207.34.20

IP Abuse Reports for 104.207.34.20:

This IP address has been reported a total of 69 times from 13 distinct sources. 104.207.34.20 was first reported on June 13th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-04-18 01:19:02 (1 month ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.34.20 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.34.20 2026-04-17 07:38:29 /prod-api/v2/api-docs 2026-04-17 07:38:31 /api/swagger.json 2026-04-17 07:38:29 /v2/api-docs 2026-04-17 07:38:30 /swagger/docs/v1 2026-04-17 22:39:25 /druid/index.html 2026-04-17 07:38:31 /v3/api-docs 2026-04-17 07:38:30 /swagger/v1/swagger.json show less	Web App Attack
🇫🇷 Octopuce	2026-03-27 16:23:54 (2 months ago)	Aggressive web search of vulnerable pages: /index.php?view=%27&id=15%3adepuis-1988&catid=9 /index.ph ... show more Aggressive web search of vulnerable pages: /index.php?view=%27&id=15%3adepuis-1988&catid=9 /index.php?view=%22&id=15%3adepuis-1988&catid=9 /ind ... show less	Web App Attack
🇨🇳 ThreatBook.io	2026-01-22 02:09:45 (4 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.34.20 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.34.20 2026-01-21 20:56:38 /geoserver/rest.html show less	Web App Attack
🇺🇸 TPI-Abuse	2026-01-17 08:28:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 03:28:25.361754 2026] [security2:error] [pid 9676:tid 9676] [client 104.207.34.20:11931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.philadelphiasfirsttoastmasters.com"] [uri "/.env"] [unique_id "aWtIKZttE7ma8KpT5FWNtwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 18:36:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 13:36:49.732199 2026] [security2:error] [pid 8306:tid 8306] [client 104.207.34.20:38869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.goepf.com"] [uri "/.env"] [unique_id "aWqFQazc_faA5tXxdKvRSgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2025-12-31 01:05:17 (5 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.34.20 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.34.20 2025-12-30 22:46:25 /shop/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇺🇸 MPL	2025-11-26 01:19:27 (6 months ago)	tcp/80 (27 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2025-11-26 00:55:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:54:58.371699 2025] [security2:error] [pid 24141:tid 24141] [client 104.207.34.20:35361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.buffaloweddingreception.com"] [uri "/.git/HEAD"] [unique_id "aSZP4gok1dfVAD1fzI6xagAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 07:32:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:31:56.175929 2025] [security2:error] [pid 3067:tid 3067] [client 104.207.34.20:54361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wilsonclassof81.org"] [uri "/.git/HEAD"] [unique_id "aSVbbDZDaVmd-ZS1g4xB_QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:19:37.982606 2025] [security2:error] [pid 1817001:tid 1817043] [client 104.207.34.20:14135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eceinal.com"] [uri "/.svn/wc.db"] [unique_id "aSU8aWR1ttxeyDpsCa9t8wAAAYQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 12:08:20 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-17 19:50:50 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-06 22:45:35 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.06 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-03 04:31:43 (8 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-10-01 11:04:28 (8 months ago)	2025-10-01T13:04:25.998916 localhost.localdomain sshd[237665]: pam_unix(sshd:auth): authentication f ... show more 2025-10-01T13:04:25.998916 localhost.localdomain sshd[237665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.207.34.20 2025-10-01T13:04:27.995906 localhost.localdomain sshd[237665]: Failed password for invalid user xylium.clan from 104.207.34.20 port 29899 ssh2 ... show less	Brute-Force SSH

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.253.248.169

🇩🇪 172.69.151.66

🇸🇿 143.105.155.55

🇨🇳 111.228.33.68

🇳🇱 93.123.118.24

🇷🇴 92.118.39.236

🇳🇱 85.11.167.7

🇬🇧 31.14.254.7

🇩🇪 213.209.159.235

🇨🇳 180.76.183.185

🇨🇳 123.160.175.144

🇷🇴 80.94.92.167

🇳🇱 77.83.39.217

🇸🇬 8.222.199.148

🇬🇧 185.249.74.198

🇳🇱 176.65.148.84

🇺🇸 172.253.251.158

🇧🇷 170.82.182.187

🇵🇭 154.18.197.35

🇵🇹 149.88.20.130