JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.34.9

104.207.34.9 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.34.9

Whois 104.207.34.9

IP Abuse Reports for 104.207.34.9:

This IP address has been reported a total of 92 times from 16 distinct sources. 104.207.34.9 was first reported on June 8th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-14 20:27:18 (3 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-27.104.207.34.9.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-27.104.207.34.9.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 LRob.fr	2026-04-15 13:45:05 (1 month ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-04-15 12:45:10 (1 month ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-03-01 14:13:15 (3 months ago)	Forum/form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:13 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-23 19:35:58 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-02 22:22:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:22:31.411349 2025] [security2:error] [pid 5171:tid 5171] [client 104.207.34.9:38563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hppagewideprinting.com"] [uri "/.git/HEAD"] [unique_id "aS9mp5kUCIk401sYsmmxiQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 21:50:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:50:13.403094 2025] [security2:error] [pid 3586:tid 3586] [client 104.207.34.9:31231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "moontouchmassage.com"] [uri "/.env"] [unique_id "aS9fFWYmT1z2yZvU88mKdAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:23:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:23:17.021379 2025] [security2:error] [pid 26381:tid 26381] [client 104.207.34.9:10855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oakvillenaturopathicclinic.com"] [uri "/.git/HEAD"] [unique_id "aS8ghVfvNNPpItbMeRD2UwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:03:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:02:56.846132 2025] [security2:error] [pid 19952:tid 19952] [client 104.207.34.9:36779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "redbends.com"] [uri "/.svn/wc.db"] [unique_id "aS6dMHgZczJ0GF5qWlI6MAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:42:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:42:42.813249 2025] [security2:error] [pid 21054:tid 21054] [client 104.207.34.9:33217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "biographicalpainting.com"] [uri "/.svn/wc.db"] [unique_id "aS58UroSYQ2VkmK4CmNCsgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 03:07:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.34.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 22:07:05.824709 2025] [security2:error] [pid 6268:tid 6268] [client 104.207.34.9:12529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notariaarauco.cl"] [uri "/.svn/wc.db"] [unique_id "aS5X2QadBW8cWth3zvTxRAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:02:38 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-28 12:18:27 (7 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 125.235.235.231

🇰🇷 125.128.246.98

🇧🇩 103.129.114.226

🇵🇰 72.255.17.2

🇬🇧 35.203.211.73

🇲🇽 186.96.145.241

🇿🇦 165.73.180.91

🇩🇪 141.11.107.166

🇨🇳 122.96.28.100

🇱🇹 81.30.98.144

🇷🇴 80.94.92.186

🇬🇧 35.203.211.167

🇨🇳 223.243.24.178

🇺🇸 195.184.76.164

🇨🇳 121.235.202.3

🇧🇭 88.201.9.18

🇸🇬 47.128.121.59

🇮🇷 37.148.36.203

🇭🇺 31.46.240.255

🇺🇸 20.65.194.77