JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.253

104.207.34.253 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.253

Whois 104.207.34.253

IP Abuse Reports for 104.207.34.253:

This IP address has been reported a total of 132 times from 14 distinct sources. 104.207.34.253 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-15 06:27:00 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:23:06 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇸🇪 KIDOS	2026-01-21 02:10:57 (4 months ago)	malicious activity	Web App Attack
🇵🇱 sefinek.net	2025-12-27 06:26:48 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-22 19:09:23 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 22 14:09:15.702561 2025] [security2:error] [pid 19576:tid 19576] [client 104.207.34.253:31515] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.phantomkennels.com\|F\|2"] [data "[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.phantomkennels.com"] [uri "/[email protected]"] [unique_id "aUmXWy44YiSw45Tq9PDEMQAAAA0"], referer: https://www.phantomkennels.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 kumiko	2025-11-24 09:08:01 (6 months ago)	[2025-11-24 11:08:01] Probing for dotfiles "GET /.git/HEAD HTTP/1.1" 301	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:16:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:52.508617 2025] [security2:error] [pid 12968:tid 12968] [client 104.207.34.253:9359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.angelabcomics.flyingdodopublications.com"] [uri "/.env"] [unique_id "aSQUON4hCCYx6Zj6gIpQ3wAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:42:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:41:52.778720 2025] [security2:error] [pid 4469:tid 4469] [client 104.207.34.253:34293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.anbruswebdesign.com"] [uri "/.git/HEAD"] [unique_id "aSQMQIIF6Kfzf72fQ3YGlQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:04:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:04:18.426632 2025] [security2:error] [pid 30330:tid 30330] [client 104.207.34.253:20169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.deluxeexpress.com"] [uri "/.git/HEAD"] [unique_id "aSPnUsdGu6DeICyIRSr4WAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:15:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:15:53.079902 2025] [security2:error] [pid 30054:tid 30054] [client 104.207.34.253:19955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.mosherpit.com"] [uri "/.git/HEAD"] [unique_id "aSPb-RHBANXawvR_p3GO_QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:24:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:24:39.014152 2025] [security2:error] [pid 14361:tid 14361] [client 104.207.34.253:32271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kellenbarger.com"] [uri "/.svn/wc.db"] [unique_id "aSPP95bfrZ36G6E047HZuQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 14:11:00 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 22:45:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 17:44:55.331532 2025] [security2:error] [pid 24239:tid 24239] [client 104.207.34.253:13357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.meltonhome.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRZfZ1qscVWFLKrXdfB4vQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2025-10-19 03:10:06 (7 months ago)	Connection atttempts against closed TCP ports Oct 19 05:10:03 BLOCK SRC=104.207.34.253 LEN=60 TOS=0x ... show more Connection atttempts against closed TCP ports Oct 19 05:10:03 BLOCK SRC=104.207.34.253 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=24726 DF PROTO=TCP SPT=43191 DPT=22 WINDOW=64240 RES=0x00 SYN Oct 19 05:10:04 BLOCK SRC=104.207.34.253 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=24727 DF PROTO=TCP SPT=43191 DPT=22 WINDOW=64240 RES=0x00 SYN Oct 19 05:10:06 BLOCK SRC=104.207.34.253 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=24728 DF PROTO=TCP SPT=43191 DPT=22 WINDOW=64240 RES=0x00 SYN show less	Port Scan

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 62.60.130.14

🇹🇿 169.255.187.234

🇺🇸 156.146.39.7

🇱🇹 141.98.10.16

🇨🇳 112.25.215.116

🇮🇩 103.191.14.243

🇨🇳 60.172.41.103

🇭🇰 34.92.49.111

🇨🇳 27.25.115.69

🇧🇩 202.134.10.130

🇮🇳 202.53.94.246

🇺🇸 195.184.76.139

🇧🇷 177.11.196.79

🇩🇪 155.117.127.214

🇨🇳 139.170.73.177

🇩🇪 138.124.55.12

🇺🇸 107.150.98.168

🇺🇸 104.243.42.167

🇧🇩 103.163.117.83

🇳🇱 91.92.42.63