JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.131

104.207.42.131 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 42%: ?

42%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.131

Whois 104.207.42.131

IP Abuse Reports for 104.207.42.131:

This IP address has been reported a total of 155 times from 34 distinct sources. 104.207.42.131 was first reported on June 18th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-14 00:15:34 (3 days ago)	(y4) Failed scan -byebye- from 104.207.42.131 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-12 14:20:56 (4 days ago)	Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.	Web App Attack
🇬🇷 setupgr	2026-06-11 08:23:00 (6 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.42.131: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.42.131: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 11 11:22:58.987445 2026] [security2:error] [pid 2070000:tid 2070046] [client 104.207.42.131:42979] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: sea-sound.com"] [severity "CRITICAL"] [tag "security"] [hostname "sea-sound.com"] [uri "/wp-login.php"] [unique_id "aipwYv_NU8LTVBV2DmF1DwAAAMo"], referer: https://sea-sound.com/wp-login.php show less	Port Scan
🇩🇪 iNetWorker	2026-06-11 04:33:48 (6 days ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-06-03 13:07:55 (2 weeks ago)	WordPress Brute Force	Brute-Force
🇺🇸 lostswordfish.com	2026-05-31 21:38:03 (2 weeks ago)	Wordfence waf block on wvrsol	Web App Attack
🇫🇷 ELYAZ	2026-05-31 10:33:56 (2 weeks ago)	(y4) Failed scan -byebye- from 104.207.42.131 (US/United States/-): (CF_ENABLE)	Hacking
🇫🇷 pm33	2026-05-31 01:07:42 (2 weeks ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-05-30 03:07:06 (2 weeks ago)	(y4) Failed scan -byebye- from 104.207.42.131 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-29 02:35:43 (2 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/w ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/weihnachtsbasar-athen.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇮🇩 Burayot	2026-05-01 14:23:59 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.42.131 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.42.131 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 nowyouknow	2026-04-20 20:01:52 (1 month ago)	Malicious Traffic/Form Submission	Phishing Web Spam
🇫🇷 masterguru	2026-03-28 10:25:39 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.131 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.131 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇱🇻 garmtech.com	2026-03-24 09:21:07 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇬🇧 Artelis	2026-02-12 03:47:26 (4 months ago)	104.207.42.131 - - [12/Feb/2026:03:47:20 +0000] "GET http://arteldevelopments.com/.aws/credentials H ... show more 104.207.42.131 - - [12/Feb/2026:03:47:20 +0000] "GET http://arteldevelopments.com/.aws/credentials HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 104.207.42.131 - - [12/Feb/2026:03:47:25 +0000] "GET http://artellogallery.com/.env.production HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.159.144.187

🇭🇰 165.154.41.201

🇩🇪 150.241.77.158

🇲🇾 203.121.40.210

🇲🇿 197.219.228.246

🇨🇳 183.222.182.199

🇻🇳 103.74.116.219

🇫🇷 82.64.38.234

🇱🇺 64.89.161.160

🇵🇰 38.100.220.178

🇺🇸 209.85.128.200

🇭🇰 152.32.128.214

🇷🇴 151.242.191.232

🇰🇷 118.37.214.187

🇺🇸 107.150.103.20

🇨🇳 27.18.162.38

🇩🇪 2.58.196.38

🇺🇸 173.239.218.111

🇮🇷 151.233.229.3

🇨🇳 120.235.239.30