JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.115

104.207.42.115 was found in our database!

This IP was reported 118 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.115

Whois 104.207.42.115

IP Abuse Reports for 104.207.42.115:

This IP address has been reported a total of 118 times from 19 distinct sources. 104.207.42.115 was first reported on June 4th 2024, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-22 19:17:37 (4 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇨🇭 4server	2026-04-15 23:42:20 (2 months ago)	[ThuApr1601:42:16.1688762026][security2:error][pid2423061:tid2423063][client104.207.42.115:0]ModSecu ... show more [ThuApr1601:42:16.1688762026][security2:error][pid2423061:tid2423063][client104.207.42.115:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"345\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"aeAiWHVxy6t1fbVp34OYjQAAAEA\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 03:14:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:14:55.581576 2026] [security2:error] [pid 9392:tid 9392] [client 104.207.42.115:17809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardnash.com"] [uri "/backup/.git/config"] [unique_id "aZUur9DJ27IPgPfkwmjp5AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:11:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:11:28.955950 2026] [security2:error] [pid 771494:tid 771500] [client 104.207.42.115:13953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gapm.eu"] [uri "/frontend/.env"] [unique_id "aYpNgHeAj16Xsm7lkAkMSQAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:59:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:59:29.703022 2026] [security2:error] [pid 7849:tid 7849] [client 104.207.42.115:63125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galvez.cc"] [uri "/.env.staging"] [unique_id "aYnMISfdhfc2-wBPY7InxgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 11:03:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:03:14.932999 2026] [security2:error] [pid 5611:tid 5611] [client 104.207.42.115:9843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gaksato.com"] [uri "/backend/.env"] [unique_id "aYm-8tQ9CpGEyzqRJKHsiwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:20:06 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:19:58.430790 2026] [security2:error] [pid 26574:tid 26574] [client 104.207.42.115:27861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gacstoday.com"] [uri "/admin/.env"] [unique_id "aYm0zmhr87qELA8E9gvVHAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 09:05:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 04:05:49.438554 2026] [security2:error] [pid 24954:tid 24954] [client 104.207.42.115:9993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "g-peopleland.com"] [uri "/v2/.git/config"] [unique_id "aYmjbZtEE3pd7SENn18zkQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 08:27:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 03:27:25.471264 2026] [security2:error] [pid 17931:tid 17931] [client 104.207.42.115:19227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fydelitybags.com"] [uri "/test/.git/config"] [unique_id "aYmabdHF0ls11FPG05vh1QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 07:45:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:45:37.871477 2026] [security2:error] [pid 9842:tid 9842] [client 104.207.42.115:60349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuzzyecho.com"] [uri "/.env.production"] [unique_id "aYmQoVCJ2aC8qvUuDsLyFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 01:22:03 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 20:21:55.162231 2026] [security2:error] [pid 201932:tid 201932] [client 104.207.42.115:39167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftiptondds.com"] [uri "/backend/.env"] [unique_id "aYk2s3KTl05NH0Guo2gu3AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-01-16 22:41:26 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:53 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-16 03:40:20 (6 months ago)	2025-12-16T05:40:19.888766+02:00 zanati wp(www.sahpa.co.za)[1160827]: Blocked authentication attempt ... show more 2025-12-16T05:40:19.888766+02:00 zanati wp(www.sahpa.co.za)[1160827]: Blocked authentication attempt for [email protected] from 104.207.42.115 ... show less	Web App Attack
Anonymous	2025-11-13 23:32:46 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 118 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇹 195.32.104.202

🇸🇪 142.251.143.138

🇮🇳 113.193.234.210

🇲🇲 103.233.206.154

🇧🇬 79.124.56.146

🇫🇷 51.159.149.103

🇳🇱 45.148.10.240

🇺🇸 44.101.194.227

🇺🇸 44.17.91.220

🇮🇷 31.7.66.163

🇺🇸 23.234.113.86

🇺🇸 2600:3c00::2000:8aff:fe85:8ee8

🇮🇳 183.82.112.163

🇺🇸 172.253.93.208

🇰🇷 119.204.60.250

🇱🇻 81.30.98.144

🇮🇹 79.11.39.204

🇳🇱 45.198.224.46

🇳🇱 45.156.128.131

🇺🇸 44.101.176.69