JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.173

104.207.42.173 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.173

Whois 104.207.42.173

IP Abuse Reports for 104.207.42.173:

This IP address has been reported a total of 149 times from 21 distinct sources. 104.207.42.173 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-15 00:24:47 (3 weeks ago)	Brute force	Brute-Force
🇫🇷 vtchost.com	2026-01-23 10:31:32 (4 months ago)	jummy, honey! - honeypot hit - ignored robots.txt, possible botnet ...	Bad Web Bot Exploited Host
🇦🇺 MAGIC	2026-01-18 00:07:42 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇷 somosbr	2025-12-21 17:27:34 (5 months ago)	[2025-12-21T17:27:34Z] Unsolicited scan from 104.207.42.173 to port 26/tcp	Port Scan
🇺🇸 OceanTreasure	2025-12-09 06:33:18 (5 months ago)	tcp/443; Probing for exposed Subversion repository database files: "GET /.svn/wc.db" @ 2025-12-08T13 ... show more tcp/443; Probing for exposed Subversion repository database files: "GET /.svn/wc.db" @ 2025-12-08T13:30:56Z [proxy] show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 23:04:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 18:03:59.832004 2025] [security2:error] [pid 7006:tid 7006] [client 104.207.42.173:10913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salazartransfers.com"] [uri "/.svn/wc.db"] [unique_id "aTdZXyOr_t6m8OkJ9u7ahgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 19:51:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 14:51:16.634564 2025] [security2:error] [pid 30984:tid 30984] [client 104.207.42.173:37547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "belgiophar.net"] [uri "/.git/HEAD"] [unique_id "aTSJNKBXDWx0-zsWUxS0YgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 16:15:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 11:14:57.734258 2025] [security2:error] [pid 30066:tid 30066] [client 104.207.42.173:19709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertprowse.net"] [uri "/.svn/wc.db"] [unique_id "aTRWgTrQj2l8Ad_iJhLvnAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 11:11:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:11:09.662658 2025] [security2:error] [pid 23990:tid 23990] [client 104.207.42.173:9373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "milajarecords.com"] [uri "/.git/HEAD"] [unique_id "aTK9zc8Amys-_13wQtvChwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 04:17:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 23:17:49.790974 2025] [security2:error] [pid 28031:tid 28031] [client 104.207.42.173:14835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulbihn.com"] [uri "/.svn/wc.db"] [unique_id "aTJc7Z6PxcXx90xUWHwf5QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 04:00:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 23:00:51.186624 2025] [security2:error] [pid 25074:tid 25074] [client 104.207.42.173:60421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vc1.com"] [uri "/.git/HEAD"] [unique_id "aTJY84DZ1_bA1759VBxQuQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:39:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:39:24.306815 2025] [security2:error] [pid 24456:tid 24456] [client 104.207.42.173:55211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alessiosilvestrin.com"] [uri "/.git/HEAD"] [unique_id "aTIpvADnyVar3eOLWDssVAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:01:46 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-25 06:16:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:16:11.950973 2025] [security2:error] [pid 8344:tid 8344] [client 104.207.42.173:31323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "erass.info"] [uri "/.env"] [unique_id "aSVJq69bMJR7k7eD2k9_1QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:40:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.173 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:40:38.074951 2025] [security2:error] [pid 23655:tid 23655] [client 104.207.42.173:47691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.voltbox.com"] [uri "/.git/HEAD"] [unique_id "aSUzRk7ad1xKwg8ZtojA3QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇮 176.65.134.20

🇺🇸 172.221.167.155

🇻🇳 171.225.185.49

🇨🇳 118.145.102.69

🇸🇬 103.134.154.36

🇺🇸 96.230.117.115

🇺🇸 70.167.221.254

🇨🇳 27.19.49.132

🇷🇴 2.57.121.25

🇳🇱 195.178.110.30

🇮🇳 139.59.83.32

🇹🇷 88.230.70.20

🇸🇦 51.211.45.43

🇳🇱 45.148.10.147

🇳🇱 45.148.10.141

🇷🇺 31.173.29.136

🇺🇸 162.216.149.95

🇨🇳 106.13.100.52

🇻🇳 103.173.227.57

🇰🇪 102.210.149.236