JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.10

104.207.42.10 was found in our database!

This IP was reported 105 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.10

Whois 104.207.42.10

IP Abuse Reports for 104.207.42.10:

This IP address has been reported a total of 105 times from 22 distinct sources. 104.207.42.10 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 LTM	2026-05-12 06:20:02 (3 weeks ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇸🇮 administrator	2026-05-04 17:03:43 (1 month ago)	2026-04-13 12:54:01,934 fail2ban.actions [1063]: NOTICE [ninjafirewall] Ban 104.207.42.10 20 ... show more 2026-04-13 12:54:01,934 fail2ban.actions [1063]: NOTICE [ninjafirewall] Ban 104.207.42.10 2026-04-13 12:54:01,934 fail2ban.actions [1063]: NOTICE [ninjafirewall] Ban 104.207.42.10 2026-04-13 12:54:01,934 fail2ban.actions [1063]: NOTICE [ninjafirewall] Ban 104.207.42.10 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TRoden	2026-03-04 03:25:33 (3 months ago)	Geo Block Plugin: Escalation flag(s): rce_attempt	Hacking
🇨🇭 backslash	2026-01-04 09:10:06 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2026-01-02 12:45:14 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇦🇺 MAGIC	2025-12-31 02:01:11 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 relianoid.com	2025-11-29 12:09:23 (6 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2025-11-27 21:13:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:13:41.442809 2025] [security2:error] [pid 18739:tid 18739] [client 104.207.42.10:49631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dymesich.com"] [uri "/.env"] [unique_id "aSi_BdEb4daW2j6EVmaRTAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:54:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:54:09.999204 2025] [security2:error] [pid 26909:tid 26909] [client 104.207.42.10:49385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.momihom.com"] [uri "/.svn/wc.db"] [unique_id "aSbcUSCNGn8GQHmLx8vQfwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:37:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:37:04.987513 2025] [security2:error] [pid 2477511:tid 2477511] [client 104.207.42.10:43465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hills-tax.com"] [uri "/.svn/wc.db"] [unique_id "aSagEHH2SnwQ26cB3eRiswAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:15:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:15:03.530664 2025] [security2:error] [pid 32704:tid 32704] [client 104.207.42.10:57713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.samuelcurtis.com"] [uri "/.env"] [unique_id "aSaa59bgQjM5T1Acc9yxrwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:44:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:44:26.454270 2025] [security2:error] [pid 31626:tid 31626] [client 104.207.42.10:17033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cephedanisman.com"] [uri "/.env"] [unique_id "aSZ3mluF_drn-claBvkqswAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:04:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:04:20.921821 2025] [security2:error] [pid 9603:tid 9603] [client 104.207.42.10:46061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.anthearodgers.com"] [uri "/.git/HEAD"] [unique_id "aSZuNHo7LoT1jarSs2_8YAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:21:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:21:31.801566 2025] [security2:error] [pid 17894:tid 17894] [client 104.207.42.10:30581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.1cdn.com"] [uri "/.env"] [unique_id "aSZkK52NgHULQRLTEhlNSwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 105 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.198.62.180

🇮🇹 151.27.236.149

🇹🇳 197.5.145.150

🇨🇳 180.153.236.81

🇮🇩 103.163.230.89

🇻🇳 103.61.44.43

🇺🇸 91.230.168.9

🇺🇸 52.186.182.85

🇳🇱 45.148.10.157

🇺🇸 3.217.193.179

🇹🇭 202.29.225.206

🇪🇬 197.50.106.125

🇬🇧 193.163.125.254

🇮🇩 180.246.177.121

🇨🇳 180.153.91.15

🇺🇸 172.202.118.43

🇨🇳 111.30.42.43

🇮🇳 103.132.243.250

🇿🇦 102.221.103.111

🇳🇱 102.129.200.117