JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.133

104.207.42.133 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.133

Whois 104.207.42.133

IP Abuse Reports for 104.207.42.133:

This IP address has been reported a total of 136 times from 13 distinct sources. 104.207.42.133 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 solution.it	2026-05-09 10:16:17 (1 month ago)	[Sat May 09 12:16:17.646334 2026] [php7:error] [pid 2112963:tid 2112963] [client 104.207.42.133:4335 ... show more [Sat May 09 12:16:17.646334 2026] [php7:error] [pid 2112963:tid 2112963] [client 104.207.42.133:43351] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇫🇷 masterguru	2026-05-05 08:59:10 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇫🇷 masterguru	2026-04-26 17:45:04 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-04-22 23:57:53 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-04-13 09:22:19 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.133 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
Anonymous	2025-12-30 20:33:01 (5 months ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:03:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:03:05.515676 2025] [security2:error] [pid 14722:tid 14722] [client 104.207.42.133:38641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intellectualcapitalmanagementsystems.com"] [uri "/.env"] [unique_id "aVH9eZO9jReTCeJ6DfGMuQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-11 01:51:29 (6 months ago)	botnet	DDoS Attack
Anonymous	2025-11-29 09:07:07 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.29 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.29 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 octageeks.com	2025-11-28 05:10:15 (6 months ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:30:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:30:04.095049 2025] [security2:error] [pid 10619:tid 10718] [client 104.207.42.133:19121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.scribblism.com"] [uri "/.env"] [unique_id "aSVM7AXcnVrJOg7V-2KDsQAAAQ4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:22:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:22:43.144084 2025] [security2:error] [pid 784228:tid 784228] [client 104.207.42.133:49617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.srtmanagementservices.com"] [uri "/.env"] [unique_id "aSUvE5NMdKcdTUM52P6kVgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:48:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:48:51.059008 2025] [security2:error] [pid 12373:tid 12373] [client 104.207.42.133:38125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.stucohen.com"] [uri "/.git/HEAD"] [unique_id "aSUZE9y1pnsGicZ02GU7hwAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 20:48:50 (6 months ago)	Attempted brute force login to web vpn 13 time(s); last attempt for 2025.11.17 is noted in report ti ... show more Attempted brute force login to web vpn 13 time(s); last attempt for 2025.11.17 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-15 08:29:27 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.15 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.15 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.32.209.253

🇸🇪 185.246.130.20

🇯🇵 31.57.90.162

🇨🇦 20.151.217.54

🇻🇳 14.186.34.93

🇲🇽 187.191.48.24

🇮🇷 185.208.174.54

🇫🇷 85.217.140.43

🇺🇸 2607:f8b0:400e:c09::12d

🇮🇳 205.254.168.21

🇳🇱 188.166.99.21

🇯🇵 172.68.119.122

🇩🇪 151.243.11.37

🇧🇷 147.15.20.173

🇨🇳 120.48.135.189

🇵🇰 103.19.252.48

🇺🇸 66.132.172.229

🇮🇳 13.205.160.37

🇺🇸 8.230.96.173

🇩🇪 2.27.20.149