JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.158

104.207.42.158 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.158

Whois 104.207.42.158

IP Abuse Reports for 104.207.42.158:

This IP address has been reported a total of 162 times from 22 distinct sources. 104.207.42.158 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-05-28 23:06:20 (2 weeks ago)	Scanning/Probing (34)	Brute-Force Web App Attack
🇨🇭 backslash	2026-05-23 05:00:19 (3 weeks ago)		Bad Web Bot
Anonymous	2026-02-27 06:45:02 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 07:43:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:43:08.142272 2026] [security2:error] [pid 31063:tid 31063] [client 104.207.42.158:49619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kwtlaw.com"] [uri "/.env"] [unique_id "aY7WDPGsL5BfaBokznJDCAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:53:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:52:57.588907 2026] [security2:error] [pid 28569:tid 28569] [client 104.207.42.158:33753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konahawaiirealty.com"] [uri "/.git/config"] [unique_id "aY68OZ60BDjb42dQ1ElNNwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-13 03:06:52 (4 months ago)	Too many Status 40X (13) Scanning/Probing (13)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:22:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:22:19.745567 2026] [security2:error] [pid 1153924:tid 1153924] [client 104.207.42.158:22893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithgill.com"] [uri "/api/.git/config"] [unique_id "aY6K2-ryIEUxmrf9MIT8kwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:37:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:36:55.048009 2026] [security2:error] [pid 12594:tid 12594] [client 104.207.42.158:56157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "katharinanitzpon.com"] [uri "/app/.git/config"] [unique_id "aY6AN2OsixzWV-9rcQ66gAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 00:49:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 19:48:57.527915 2026] [security2:error] [pid 30253:tid 30253] [client 104.207.42.158:61265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kampinenlaw.com"] [uri "/backend/.env"] [unique_id "aY50-YRPgeW_Nc1322iMvQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 20:12:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:11:59.967885 2026] [security2:error] [pid 1659010:tid 1659010] [client 104.207.42.158:20407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "breathofgodministry.com"] [uri "/.env"] [unique_id "aY40DzrWoGMqtoumC63KDAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 14:51:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 09:50:56.400520 2026] [security2:error] [pid 11171:tid 11171] [client 104.207.42.158:24359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aticom.net"] [uri "/.git/config"] [unique_id "aY3o0AxzgiSbrkhj1mcVBgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:39:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:39:21.068765 2026] [security2:error] [pid 11266:tid 11266] [client 104.207.42.158:47121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brownlegacy.org"] [uri "/.git/config"] [unique_id "aY0TKVezDgilemaR6tb6WgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-11 23:00:00 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-11	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-11 21:17:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 16:17:01.475809 2026] [security2:error] [pid 31162:tid 31162] [client 104.207.42.158:38385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coyotebytes.net"] [uri "/site/.git/config"] [unique_id "aYzxzfFvSnec9EfpEkWUwQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-11 00:56:00 (4 months ago)	Blocking for trying to access an exploit file: /frontend/.env	Hacking

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 213.14.193.59

🇹🇼 198.235.24.93

🇬🇧 188.122.37.97

🇩🇪 178.16.52.20

🇻🇳 171.243.150.62

🇧🇪 130.211.52.13

🇨🇳 115.191.22.87

🇳🇱 89.21.67.133

🇮🇷 85.9.111.160

🇺🇸 2001:470:1:332::73

🇭🇰 218.255.103.194

🇹🇼 198.235.24.119

🇨🇷 190.14.153.251

🇺🇸 147.185.132.46

🇺🇸 104.243.35.104

🇺🇸 104.237.132.58

🇭🇰 104.208.108.166

🇸🇪 89.233.240.49

🇺🇸 63.135.161.150

🇺🇸 43.130.44.24