JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.152

104.207.42.152 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.152

Whois 104.207.42.152

IP Abuse Reports for 104.207.42.152:

This IP address has been reported a total of 147 times from 23 distinct sources. 104.207.42.152 was first reported on June 11th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-04-09 09:23:31 (2 months ago)	Fail2Ban banned 104.207.42.152 for security violations in jail nginx-aggressive. Log: 2026/04/09 09: ... show more Fail2Ban banned 104.207.42.152 for security violations in jail nginx-aggressive. Log: 2026/04/09 09:23:30 [error] FastCGI sent in stderr: "Primary script unknown" , client: 104.207.42.152, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] 2026/04/09 09:23:31 [error] FastCGI sent in stderr: "Primary script unknown" , client: 104.207.42.152, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Bad Web Bot Web App Attack
🇪🇸 librebit	2026-04-08 07:30:35 (2 months ago)	Brute force	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇦 ISPLtd	2026-03-06 23:29:51 (3 months ago)	Hacking, URL manipulation, malformed requests, or requests for invalid/hidden files like .git/config ... show more Hacking, URL manipulation, malformed requests, or requests for invalid/hidden files like .git/config or .env. Does not honour robots.txt. show less	Hacking Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-24 03:44:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 22:44:07.798074 2026] [security2:error] [pid 5953:tid 5953] [client 104.207.42.152:31951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ddwholesaleproperties.waggonerfinancial.com"] [uri "/.git/config"] [unique_id "aZ0eh-tH5SwaDGJzTo2W1AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Carsten	2026-02-23 19:58:34 (3 months ago)	GET [.git/config]	Port Scan
🇺🇸 TPI-Abuse	2026-02-23 12:13:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 07:13:40.227302 2026] [security2:error] [pid 31107:tid 31107] [client 104.207.42.152:41653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "freepb.org.mrcd.org"] [uri "/.git/config"] [unique_id "aZxEdAbfpAiStyq2BVrOKgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:31:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:31:04.817686 2026] [security2:error] [pid 3773:tid 3773] [client 104.207.42.152:32705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knoxvillelimos.com"] [uri "/api/.env"] [unique_id "aYrCmIiJW9FttRw7UwlckwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:45:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:45:51.756673 2026] [security2:error] [pid 14682:tid 14682] [client 104.207.42.152:12591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnawebinc.com"] [uri "/api/.env"] [unique_id "aYq3_3aW88a0Tzvhct53uQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:11:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:10:59.929690 2026] [security2:error] [pid 26853:tid 26853] [client 104.207.42.152:52761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icesoft.blog"] [uri "/v2/.git/config"] [unique_id "aYqv04EnNnRdzAHGOcgwCAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:24:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:24:33.053040 2026] [security2:error] [pid 2268:tid 2268] [client 104.207.42.152:31173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbyimc.com"] [uri "/v2/.git/config"] [unique_id "aYqk8e8IlM14mVE-n-9aUAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:46:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:46:38.463083 2026] [security2:error] [pid 31703:tid 31703] [client 104.207.42.152:19435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinesiologiaenmovimiento.com"] [uri "/site/.git/config"] [unique_id "aYqcDnB5iOpOyvAQda7Z3wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 02:23:42 (4 months ago)	Blocking for trying to access an exploit file: /.env.production	Hacking
🇩🇪 Bedios GmbH	2026-02-10 01:46:56 (4 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-02-10 00:47:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:47:25.365209 2026] [security2:error] [pid 2606990:tid 2606990] [client 104.207.42.152:62907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/frontend/.env"] [unique_id "aYqAHZiD2UTYOIYOio4oXAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇦 202.137.142.246

🇸🇦 155.138.88.244

🇺🇸 128.203.204.124

🇻🇳 109.237.65.32

🇻🇳 103.172.78.123

🇷🇴 80.94.92.165

🇫🇷 54.38.177.67

🇯🇵 45.250.255.226

🇻🇳 36.50.177.238

🇺🇸 23.239.4.211

🇮🇳 4.213.224.194

🇺🇸 3.83.245.221

🇹🇼 198.235.24.89

🇹🇳 197.238.150.167

🇪🇸 185.167.90.252

🇮🇳 182.95.123.202

🇦🇪 165.154.12.108

🇮🇩 158.140.178.46

🇹🇼 111.70.43.169

🇩🇪 91.204.46.121