JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.54

104.207.34.54 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.54

Whois 104.207.34.54

IP Abuse Reports for 104.207.34.54:

This IP address has been reported a total of 135 times from 14 distinct sources. 104.207.34.54 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 03:49:28 (2 weeks ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-12 02:27:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:27:10.513257 2026] [security2:error] [pid 15187:tid 15233] [client 104.207.34.54:49803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrowsinthequiver.com"] [uri "/app/.env"] [unique_id "aY06ftE-upNczeVY_cox5wAAAUA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:22:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:22:34.217765 2026] [security2:error] [pid 14130:tid 14193] [client 104.207.34.54:61063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arizonasolutionsgroup.com"] [uri "/dev/.git/config"] [unique_id "aY0POj56FJlaLu3_3qItPAAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 000rosiu	2026-02-11 17:07:05 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /v2/.git/config Timestamp: 2026-02-11T17:03:14Z Ray ID: 9cc56b21bacb41bb UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-10 06:28:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:28:13.617578 2026] [security2:error] [pid 8430:tid 8430] [client 104.207.34.54:53223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iktonline.org"] [uri "/test/.git/config"] [unique_id "aYrP_Z-ccfL7w_ssx5cfVAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:16:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:16:25.764356 2026] [security2:error] [pid 23343:tid 23343] [client 104.207.34.54:59433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iee-usa.com"] [uri "/.git/config"] [unique_id "aYq_KZjs_8Utuq3dwWaBTwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:24:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:24:03.931811 2026] [security2:error] [pid 3113:tid 3113] [client 104.207.34.54:29173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbyimc.com"] [uri "/.env.local"] [unique_id "aYqk0zDLtX3oWG9wlpYW-AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-02-10 03:02:16 (3 months ago)	2026-02-10 04:02:16 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:56:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:55:59.491798 2026] [security2:error] [pid 10597:tid 10597] [client 104.207.34.54:27239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howietaylor.com"] [uri "/backend/.env"] [unique_id "aYpl_9DJ1VDawJDNH4JSXQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:34:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:34:22.164706 2026] [security2:error] [pid 16538:tid 16538] [client 104.207.34.54:29209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "macro-astrology.com"] [uri "/.git/config"] [unique_id "aYpg7hg6vThH1L0r7-RlgwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 21:10:33 (3 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-10 16:12:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 10 11:12:13.142358 2026] [security2:error] [pid 12695:tid 12695] [client 104.207.34.54:58973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salernospizza.com"] [uri "/.git/config"] [unique_id "aWJ6XaJwAbhhhtAHPdv7ggAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-11-06 04:00:52 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-10-04 13:40:25 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.04 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-03 06:54:32 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.03 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.111

🇧🇷 189.127.12.74

🇨🇳 183.3.218.59

🇨🇳 112.123.107.215

🇳🇱 89.21.67.158

🇳🇱 81.19.216.102

🇳🇱 81.19.216.80

🇺🇸 65.49.1.212

🇳🇱 45.142.193.198

🇺🇸 34.11.151.181

🇺🇸 2001:470:1:c84::e8

🇲🇽 206.135.29.10

🇳🇱 204.76.203.219

🇷🇺 176.109.97.11

🇨🇳 123.52.46.155

🇨🇳 121.4.103.225

🇳🇱 89.21.67.173

🇺🇸 34.148.58.78

🇮🇷 5.237.91.34

🇵🇱 195.3.220.7