JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.194

104.207.42.194 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 44%: ?

44%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.194

Whois 104.207.42.194

IP Abuse Reports for 104.207.42.194:

This IP address has been reported a total of 150 times from 24 distinct sources. 104.207.42.194 was first reported on June 11th 2024, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-24 03:18:56 (22 hours ago)	Brute force	Brute-Force
🇫🇷 Sklurk	2026-06-23 03:52:00 (1 day ago)	Web App Attack	Web App Attack
🇩🇪 Ad Ministrator	2026-06-22 22:02:47 (2 days ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
🇫🇷 Sklurk	2026-06-17 04:04:08 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 mnsf	2026-06-04 19:08:46 (2 weeks ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇬🇧 spamverify.com	2026-06-03 15:19:14 (3 weeks ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
Anonymous	2026-05-31 13:00:40 (3 weeks ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇺🇸 dtorrer	2026-05-29 21:38:25 (3 weeks ago)	Brute-force general attack.	Brute-Force
🇲🇽 octageeks.com	2026-05-24 04:12:57 (1 month ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 lostswordfish.com	2026-05-23 09:42:04 (1 month ago)	Wordfence waf block on secure	Web App Attack
🇩🇪 FeG Deutschland	2026-05-23 07:49:26 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:30:42 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇵🇱 sefinek.net	2025-12-11 02:15:41 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-28 11:50:06 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.42.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.42.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 06:50:02.869685 2025] [security2:error] [pid 23288:tid 23288] [client 104.207.42.194:10101] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|99newmexicans.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "99newmexicans.com"] [uri "/backup.sql"] [unique_id "aSmManDLJcCSnb0coKgKgwAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 11:30:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.194 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 06:30:18.142883 2025] [security2:error] [pid 28477:tid 28477] [client 104.207.42.194:56849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amaia.biz"] [uri "/.env.backup"] [unique_id "aSmHyj7P87KEWEtdXKEDJQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.73.124.228

🇨🇳 183.197.45.40

🇰🇭 117.20.119.70

🇰🇷 112.216.129.27

🇸🇨 45.194.67.130

🇹🇼 198.235.24.100

🇬🇧 193.163.125.190

🇪🇸 143.47.35.180

🇺🇸 71.54.163.49

🇺🇸 64.225.48.157

🇸🇳 41.82.50.218

🇳🇱 2a12:da86:b51f:f92c:e20a:fff3:112a:9ad2

🇳🇱 195.178.110.227

🇳🇱 188.166.71.161

🇪🇸 158.158.47.67

🇨🇳 114.80.40.96

🇯🇴 86.108.16.158

🇸🇪 81.229.41.66

🇸🇦 64.137.250.215

🇭🇰 45.249.247.165