JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.31

104.207.34.31 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 34%: ?

34%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.31

Whois 104.207.34.31

IP Abuse Reports for 104.207.34.31:

This IP address has been reported a total of 147 times from 22 distinct sources. 104.207.34.31 was first reported on June 22nd 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-04 19:07:22 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 pinguin	2026-06-04 16:29:33 (3 days ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.svn/wc.db UA: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 wlt-blocker	2026-05-21 13:10:49 (2 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 17:47:46 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 13:47:39.027306 2026] [security2:error] [pid 5229:tid 5229] [client 104.207.34.31:58251] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.guardmagic.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.guardmagic.com"] [uri "/s3cmd.ini"] [unique_id "agyiOyY2li8s1y2lR_ZarAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-04 21:59:54 (1 month ago)	Auto-ban: >3000 req/min op 2026-05-04	Web App Attack SSH Hacking
🇮🇩 Burayot	2026-04-28 08:34:57 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.34.31 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.34.31 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇫🇷 masterguru	2026-04-28 04:33:48 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.34.31 (US/United States/-): 1 ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.34.31 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 Octopuce	2026-03-27 23:08:03 (2 months ago)	Aggressive web search of vulnerable pages: /le_connector/connector.php?encode=no /index.php?option=% ... show more Aggressive web search of vulnerable pages: /le_connector/connector.php?encode=no /index.php?option=%27&view=article&id=27%3ata-aroa-et-la-naiss ... show less	Web App Attack
🇺🇸 octageeks.com	2026-03-03 05:14:24 (3 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:10:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:10:23.765263 2026] [security2:error] [pid 25068:tid 25068] [client 104.207.34.31:38465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "katharinanitzpon.com"] [uri "/admin/.git/config"] [unique_id "aZZxD3owMO9bX1C9yfKXcAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 18:32:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:32:17.395723 2026] [security2:error] [pid 27869:tid 27869] [client 104.207.34.31:61471] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderingwoods.quest"] [uri "/v2/.git/config"] [unique_id "aZYFsdMqTCoQu45oFjA-6gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-18 12:36:35 (3 months ago)	(modsecurity) srv102 ModSecurity 104.207.34.31 (US/United States/-): 5 in the last 3600 secs; Ports: ... show more (modsecurity) srv102 ModSecurity 104.207.34.31 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 12:20:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 07:20:53.334213 2026] [security2:error] [pid 8923:tid 8923] [client 104.207.34.31:53085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weavergroup.us"] [uri "/app/.env"] [unique_id "aZWupVwq-bFm4vcdIw_JoAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 11:46:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:46:20.808468 2026] [security2:error] [pid 23532:tid 23532] [client 104.207.34.31:39905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "walterjhoodco.com"] [uri "/wp/.git/config"] [unique_id "aZWmjO3Lp1tEU1TiVeaMrQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 04:46:12 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.86

🇬🇧 195.96.139.244

🇮🇹 93.92.74.235

🇺🇸 35.245.193.17

🇧🇪 2a00:1450:400c:c1d::125

🇺🇸 2604:a880:400:d1:0:4:8bf8:3001

🇳🇱 213.177.179.107

🇳🇱 176.65.148.2

🇮🇳 152.32.158.219

🇧🇩 144.79.133.50

🇷🇴 80.94.92.128

🇬🇧 67.213.126.69

🇸🇬 47.79.216.35

🇯🇵 43.133.194.186

🇹🇷 5.180.105.134

🇩🇪 2a02:4780:3f:2161:0:1b79:6609:1

🇮🇳 2a02:4780:11:2096:0:10aa:b9d1:1

🇺🇸 2604:a880:400:d1:0:4:8bee:2001

🇹🇼 198.235.24.8

🇷🇴 109.100.14.222