JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.143

104.207.42.143 was found in our database!

This IP was reported 167 times. Confidence of Abuse is 45%: ?

45%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.143

Whois 104.207.42.143

IP Abuse Reports for 104.207.42.143:

This IP address has been reported a total of 167 times from 33 distinct sources. 104.207.42.143 was first reported on June 7th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇭🇳 unph	2026-06-22 10:42:11 (1 day ago)	Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin	Brute-Force
🇫🇷 ELYAZ	2026-06-17 09:42:14 (6 days ago)	(y4) Failed scan -byebye- from 104.207.42.143 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-17 09:20:26 (6 days ago)	Web attack blocked by Wordfence on cuypersinvalkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
🇺🇸 lostswordfish.com	2026-06-15 10:20:06 (1 week ago)	Wordfence waf block on fypeducation	Web App Attack
🇲🇹 Malta	2026-06-14 17:36:51 (1 week ago)	104.207.42.143 - - [14/Jun/2026:19:36:51 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 104.207.42.143 - - [14/Jun/2026:19:36:51 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack VPN IP
Anonymous	2026-06-14 12:19:33 (1 week ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-13 04:32:40 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.42.143: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.42.143: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 07:32:37.626879 2026] [security2:error] [pid 568634:tid 568737] [client 104.207.42.143:53077] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "aizdZWhA1AVliy02kiGZCwAAAdg"], referer: https://mail.asteriassantorini.com/wp-login.php show less	Port Scan
🇬🇷 setupgr	2026-06-12 06:47:29 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.42.143: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.42.143: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 09:47:29.056754 2026] [security2:error] [pid 104061:tid 104263] [client 104.207.42.143:20079] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: gyrosplace.gr"] [severity "CRITICAL"] [tag "security"] [hostname "gyrosplace.gr"] [uri "/wp-login.php"] [unique_id "aiurgdP1SVBHlBuGp5eDMAAAAM4"], referer: https://gyrosplace.gr/wp-login.php show less	Port Scan
🇫🇷 ELYAZ	2026-06-09 20:35:02 (1 week ago)	(y4) Failed scan -byebye- from 104.207.42.143 (US/United States/-): (CF_ENABLE)	Hacking
🇺🇸 mnsf	2026-06-04 19:06:28 (2 weeks ago)	Abuse Detected (3)	Brute-Force Web App Attack
🇪🇸 librebit	2026-05-17 05:32:40 (1 month ago)	Brute force	Brute-Force
🇨🇭 4server	2026-04-05 21:39:15 (2 months ago)	[SunApr0523:39:10.7764722026][security2:error][pid105377:tid105383][client104.207.42.143:0]ModSecuri ... show more [SunApr0523:39:10.7764722026][security2:error][pid105377:tid105383][client104.207.42.143:0]ModSecurity:Accessdeniedwithcode403$phase1$.Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"200\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"www.giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"adLWfqeR3PSp6RY9N0tDbgAAAQM\"] show less	Hacking Web App Attack
🇫🇷 masterguru	2026-03-29 10:33:40 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.143 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.143 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-24 09:22:38 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack

Showing 1 to 15 of 167 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.186.210

🇺🇸 2620:18c:0:192::e0:165

🇹🇳 197.244.218.77

🇺🇸 162.216.150.188

🇺🇸 162.216.150.123

🇺🇸 136.114.206.121

🇷🇴 80.94.92.184

🇺🇸 45.33.110.79

🇺🇸 20.106.33.119

🇺🇸 2001:4860:4860::8888

🇺🇸 174.23.232.241

🇺🇸 162.216.149.187

🇻🇳 104.218.166.62

🇿🇲 102.23.122.235

🇷🇴 80.94.92.166

🇬🇧 35.203.211.66

🇺🇸 35.87.226.248

🇸🇪 4.223.105.231

🇳🇱 204.76.203.51

🇭🇰 118.26.36.195