JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.101

104.207.42.101 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 19%: ?

19%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.101

Whois 104.207.42.101

IP Abuse Reports for 104.207.42.101:

This IP address has been reported a total of 163 times from 29 distinct sources. 104.207.42.101 was first reported on June 13th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 05:20:44 (8 hours ago)	Web App Attack	Web App Attack
🇫🇷 Sklurk	2026-06-20 02:15:45 (3 days ago)	Web App Attack	Web App Attack
🇬🇷 Staging	2026-06-15 12:35:00 (1 week ago)	One of the Worst ASNs, 1000s of hacking, probes, etc.	Bad Web Bot Hacking
Anonymous	2026-05-19 05:24:33 (1 month ago)	Banned by SPAMHAUS ASN-DROP list (ASN: 200373)	DDoS Attack Hacking Bad Web Bot Web App Attack
Anonymous	2026-04-01 19:01:32 (2 months ago)	Forum/form spam	Web Spam
🇹🇷 rtbh.com.tr	2026-02-15 20:11:35 (4 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2026-02-15 12:33:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:33:32.444178 2026] [security2:error] [pid 10663:tid 10663] [client 104.207.42.101:19645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partnersforaccess.net"] [uri "/v2/.git/config"] [unique_id "aZG9HALBsITXsPF-1zn0oQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 12:18:39 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:49:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:49:04.237592 2026] [security2:error] [pid 10764:tid 10764] [client 104.207.42.101:46467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "serconpri.com"] [uri "/admin/.env"] [unique_id "aZGysBJW-yBE8UG4cnhg4wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 INTEQ	2026-02-15 11:48:43 (4 months ago)	Web attack from 104.207.42.101	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:11:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:11:29.890332 2026] [security2:error] [pid 570630:tid 570630] [client 104.207.42.101:16441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "purelywhimsical.com"] [uri "/.env"] [unique_id "aZGp4bXwigkHF-Rt8--yLQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:56:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:56:27.198191 2026] [security2:error] [pid 978:tid 978] [client 104.207.42.101:29955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seekingthemind.com"] [uri "/admin/.env"] [unique_id "aZGmW-Pe3NVaVAV3NHOcpAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 07:06:07 (4 months ago)	Trying to access config files	Web App Attack
🇩🇪 filstal.org	2026-02-15 05:53:55 (4 months ago)	Vulnerability scan activity detected by Fail2Ban	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:27:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:27:32.918298 2026] [security2:error] [pid 9049:tid 9049] [client 104.207.42.101:22213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ohiobabe.com"] [uri "/.env.production"] [unique_id "aZFZRHi6lgLSLVqkcxOGAAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.96.139.114

🇳🇱 160.119.69.14

🇳🇱 159.223.213.49

🇨🇳 49.72.111.25

🇬🇧 195.96.139.138

🇬🇧 195.96.139.129

🇬🇧 185.247.137.126

🇧🇬 185.225.84.60

🇰🇷 121.167.147.112

🇮🇳 106.51.188.27

🇬🇧 87.236.176.142

🇫🇷 85.217.140.46

🇳🇱 45.148.10.157

🇮🇪 4.207.145.86

🇬🇧 185.247.137.138

🇬🇧 185.247.137.111

🇮🇩 157.15.67.253

🇪🇬 156.206.229.162

🇮🇳 122.187.230.148

🇫🇷 104.23.229.31