JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.25

104.207.34.25 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.25

Whois 104.207.34.25

IP Abuse Reports for 104.207.34.25:

This IP address has been reported a total of 131 times from 29 distinct sources. 104.207.34.25 was first reported on June 5th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-15 11:08:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:08:35.735724 2026] [security2:error] [pid 15646:tid 15646] [client 104.207.34.25:37341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sekel.org"] [uri "/site/.git/config"] [unique_id "aZGpM9rJaTzAEh2q_Zr7RAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 07:01:34 (3 months ago)	Multiple WAF Violations	Web App Attack
🇪🇸 masterguru	2026-02-15 06:50:03 (3 months ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:19:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:19:42.293233 2026] [security2:error] [pid 14688:tid 14688] [client 104.207.34.25:31397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scifitimeline.com"] [uri "/.env"] [unique_id "aZFlfh3G48SFcTfCTKdeFQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:58:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:58:45.664034 2026] [security2:error] [pid 28205:tid 28205] [client 104.207.34.25:26409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omnithermal.com"] [uri "/test/.git/config"] [unique_id "aZFglQajvbe0Jw3ldYN_AAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:38:08 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:38:01.527573 2026] [security2:error] [pid 749:tid 749] [client 104.207.34.25:45997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sbxyz.net"] [uri "/config/.env"] [unique_id "aZFbuQG-fRNGV7P-o_OBjAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 05:05:29 (3 months ago)	Scanning/Probing (21)	Brute-Force Web App Attack
🇺🇸 kosada.com	2026-02-15 04:24:42 (3 months ago)	Web vulnerability probing: /admin/.env	Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 04:13:21 (3 months ago)	(modsecurity) srv104 ModSecurity 104.207.34.25 (US/United States/-): 5 in the last 3600 secs; Ports: ... show more (modsecurity) srv104 ModSecurity 104.207.34.25 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:14.005283 2026] [security2:error] [pid 22104:tid 22124] [client 104.207.34.25:42119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "power51.com"] [uri "/admin/.env"] [unique_id "aZFGNpdbqspsQW1awXA5_wAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:09:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:09:01.920941 2026] [security2:error] [pid 2194:tid 2194] [client 104.207.34.25:62479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polarfoxinno.com"] [uri "/.env.production"] [unique_id "aZE4zSzknyCFfy3HR51sMQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 02:38:17 (3 months ago)	Blocking for trying to access an exploit file: /.aws/credentials	Hacking
🇺🇸 TPI-Abuse	2026-02-15 01:46:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:46:21.655316 2026] [security2:error] [pid 20718:tid 20718] [client 104.207.34.25:15869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "piperwaite.com"] [uri "/api/.env"] [unique_id "aZElbaWeM_e5jMF6HrciMAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:28:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:28:22.659477 2026] [security2:error] [pid 14439:tid 14439] [client 104.207.34.25:46171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ronelgas.com"] [uri "/.env.save"] [unique_id "aZEhNmpaZ0BaJ-1nb_0B7gAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-14 04:53:02 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /v2/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 106.214.9.146

🇮🇳 103.138.237.18

🇧🇪 35.205.55.166

🇧🇷 205.210.31.219

🇵🇰 203.101.186.239

🇹🇷 195.85.207.182

🇪🇸 188.164.195.116

🇨🇳 182.138.158.68

🇩🇪 167.94.145.23

🇻🇳 112.137.143.2

🇩🇪 82.165.133.93

🇱🇹 81.30.98.158

🇱🇹 81.30.98.144

🇳🇱 45.148.10.152

🇬🇧 35.203.210.136

🇮🇷 31.7.66.163

🇺🇸 216.218.206.123

🇮🇳 183.82.120.1

🇨🇳 123.10.144.52

🇨🇳 113.88.168.208