JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.208

104.207.42.208 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.208

Whois 104.207.42.208

IP Abuse Reports for 104.207.42.208:

This IP address has been reported a total of 155 times from 20 distinct sources. 104.207.42.208 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-16 14:31:50 (4 months ago)	wordpress-trap	Web App Attack
🇺🇸 fbarela	2026-01-02 11:00:27 (5 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:52 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-23 22:35:06 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-09 06:19:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 01:19:21.150749 2025] [security2:error] [pid 24833:tid 24861] [client 104.207.42.208:30603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humaehealth.com"] [uri "/.env"] [unique_id "aTe_aattdr3go2F-sy-eUwAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2025-12-07 04:54:40 (6 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.svn/wc.db (Rule ID: 920440) - URL file extension is restricted by policy show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:17:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:17:15.574134 2025] [security2:error] [pid 29108:tid 29108] [client 104.207.42.208:14519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "henryweb.net"] [uri "/.svn/wc.db"] [unique_id "aTQQu0x6dR_oC4kbCesmQAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-06 02:30:10 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-12-05 07:51:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:51:49.336157 2025] [security2:error] [pid 28454:tid 28454] [client 104.207.42.208:56873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easyhousecash.com"] [uri "/.git/HEAD"] [unique_id "aTKPFUrqpzsMDnr__FwNOgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-28 22:43:58 (6 months ago)	Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.28 is noted in report ti ... show more Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.28 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 10:52:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:52:31.580513 2025] [security2:error] [pid 25273:tid 25273] [client 104.207.42.208:45195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.encoremtmorris.com"] [uri "/.svn/wc.db"] [unique_id "aSbb708NrQiW7pCf_RAOgQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 10:30:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:30:20.367830 2025] [security2:error] [pid 19004:tid 19004] [client 104.207.42.208:35231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.gracefaerie.com"] [uri "/.svn/wc.db"] [unique_id "aSbWvFQCy9yBaTaPe2KuZQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:07:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:07:39.026324 2025] [security2:error] [pid 16372:tid 16372] [client 104.207.42.208:37839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.weddingnapkinscustom.com"] [uri "/.svn/wc.db"] [unique_id "aSanO3cUfyKGKJIpDy3twAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:42:52 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.42.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:42:48.405824 2025] [security2:error] [pid 3315:tid 3315] [client 104.207.42.208:24015] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cier.xyz\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cier.xyz"] [uri "/.svn/wc.db"] [unique_id "aSahaOMufo_Dz4Up0WwPdgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 138.124.5.60

🇪🇹 196.189.236.162

🇺🇿 185.163.26.56

🇻🇳 152.32.163.183

🇮🇷 79.127.66.250

🇮🇶 65.20.174.49

🇺🇸 64.62.156.168

🇫🇷 217.182.64.143

🇺🇸 206.212.244.18

🇺🇸 205.210.31.13

🇫🇮 185.229.66.92

🇺🇸 162.217.162.239

🇳🇱 158.94.210.138

🇮🇩 110.136.193.202

🇩🇪 104.248.43.109

🇺🇸 72.14.147.177

🇸🇬 47.79.207.199

🇯🇵 43.167.168.2

🇮🇩 103.168.135.187

🇮🇩 103.166.10.244