JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.207

104.207.34.207 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.207

Whois 104.207.34.207

IP Abuse Reports for 104.207.34.207:

This IP address has been reported a total of 158 times from 25 distinct sources. 104.207.34.207 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-04-22 23:58:41 (1 month ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/104.207.34.207 2026-04 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/104.207.34.207 2026-04-22 15:05:06 /general/appbuilder/web/portal/gateway/getdata?activeTab=%E5%27%19,1%3D%3Eeval(base64_decode(%22ZWNobyB2dWxuX3Rlc3Q7%22)))%3B/*&id=19&module=Carouselimage show less	Web App Attack
🇦🇺 oncord	2026-03-22 12:27:07 (2 months ago)	Form spam	Web Spam
Anonymous	2026-03-06 17:43:59 (3 months ago)	Forum/form spam	Web Spam
🇨🇭 backslash	2026-03-04 23:06:00 (3 months ago)		Web Spam
🇫🇷 MaxSmartCode	2026-02-25 15:54:10 (3 months ago)	Credential brute-force attacks on webpage.	Brute-Force SSH
🇦🇺 oncord	2026-02-23 04:17:38 (3 months ago)	Form spam	Web Spam
🇦🇺 oncord	2026-02-20 05:15:30 (3 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-19 05:40:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:40:36.803704 2026] [security2:error] [pid 1110:tid 1110] [client 104.207.34.207:21527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kugbe.com"] [uri "/app/.env"] [unique_id "aZaiVOdKWb9C23IyGym2xgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-19 05:27:10 (4 months ago)	http-sensitive-files - IP: 104.207.34.207 - time="2026-02-19T06:27:10+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.34.207 - time="2026-02-19T06:27:10+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.34.207 (US/200373) : 4h ban on Ip 104.207.34.207" module=db show less	Web App Attack
Anonymous	2026-02-19 01:05:07 (4 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 00:28:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:28:02.738481 2026] [security2:error] [pid 18755:tid 18755] [client 104.207.34.207:24487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "voltbox.com"] [uri "/new/.git/config"] [unique_id "aZZZEgR7qXewGXDDWny6zAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 19:48:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:48:47.377047 2026] [security2:error] [pid 30764:tid 30764] [client 104.207.34.207:51281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "topnotchupholstery.com"] [uri "/api/.git/config"] [unique_id "aZYXn1iUSzVN2CvD8vmXLAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:42:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.207 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:41:56.144353 2026] [security2:error] [pid 2313:tid 2313] [client 104.207.34.207:53177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thinksite.net"] [uri "/test/.git/config"] [unique_id "aZYH9BMCZ8625otrp8h8CwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:53:25 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /admin/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /admin/.env] show less	Hacking Web App Attack

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.2

🇸🇬 104.28.163.14

🇬🇧 35.203.211.237

🇨🇳 171.213.162.197

🇨🇳 171.14.30.183

🇨🇳 139.198.29.172

🇱🇹 62.60.130.14

🇮🇪 52.169.217.131

🇫🇮 147.185.133.120

🇺🇸 147.185.132.13

🇨🇳 120.236.196.93

🇩🇪 45.86.202.99

🇨🇳 223.64.97.191

🇺🇸 143.42.164.34

🇫🇷 91.231.89.225

🇳🇱 91.92.40.10

🇺🇸 66.132.186.212

🇱🇧 185.169.7.98

🇫🇮 147.185.133.219

🇺🇸 147.185.132.67