JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.213

104.207.42.213 was found in our database!

This IP was reported 150 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.213

Whois 104.207.42.213

IP Abuse Reports for 104.207.42.213:

This IP address has been reported a total of 150 times from 18 distinct sources. 104.207.42.213 was first reported on June 12th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-05-17 03:55:01 (4 weeks ago)	Brute force	Brute-Force
Anonymous	2026-03-19 05:21:08 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 oncord	2026-02-23 21:32:14 (3 months ago)	Form spam	Web Spam
🇺🇸 mnsf	2026-02-18 04:05:18 (3 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 03:39:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 22:39:15.983857 2026] [security2:error] [pid 195138:tid 195143] [client 104.207.42.213:14357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rmoeis.com"] [uri "/admin/.env"] [unique_id "aZU0Y84RuyaxYGIf0CT68gAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-14 04:52:49 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /api/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /api/.env] show less	Hacking Web App Attack
🇺🇸 oncord	2026-02-13 11:11:38 (4 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 07:51:37 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:51:30.736944 2026] [security2:error] [pid 7644:tid 7644] [client 104.207.42.213:11753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kylight.net"] [uri "/.env.staging"] [unique_id "aY7YAuAZkKe2_Lw7PEPwyQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:02:34 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:02:29.484991 2026] [security2:error] [pid 29762:tid 29762] [client 104.207.42.213:41231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kooroshvaziri.com"] [uri "/backend/.env"] [unique_id "aY6-dXL5qJl-zGlwOx3VkwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:08:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:07:53.911734 2026] [security2:error] [pid 17361:tid 17361] [client 104.207.42.213:21449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingfish.bet"] [uri "/app/.git/config"] [unique_id "aY6jmfnyPOV0zPbXNoc7xwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:30:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:30:02.019980 2026] [security2:error] [pid 1165800:tid 1165800] [client 104.207.42.213:43573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kelticdreamsranch.com"] [uri "/.env"] [unique_id "aY6Mqqj70lvhVunMyjNOlwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:04:20 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:04:17.059949 2026] [security2:error] [pid 29587:tid 29587] [client 104.207.42.213:24821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kclawoffice.com"] [uri "/dev/.git/config"] [unique_id "aY6GoXpaSC39QUTHfix9dwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 22:59:55 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 20:55:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:55:36.127830 2026] [security2:error] [pid 23259:tid 23259] [client 104.207.42.213:46835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brupharm.net"] [uri "/.env"] [unique_id "aY4-SOqlYqRvr6TV9Lv1fgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:36:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:35:59.106215 2026] [security2:error] [pid 1990763:tid 1990763] [client 104.207.42.213:35265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billthompsons.com"] [uri "/.env"] [unique_id "aY4Pf64-l5CFL0CzX6tCeQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 150 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2001:67c:e60:c0c:192:42:116:143

🇧🇪 198.235.24.252

🇮🇳 182.95.189.206

🇧🇷 179.51.153.37

🇫🇮 178.20.29.34

🇺🇸 172.217.107.144

🇮🇳 103.182.132.154

🇮🇳 103.59.75.20

🇩🇪 78.111.67.242

🇨🇦 70.66.193.14

🇳🇱 45.148.10.141

🇮🇪 34.254.253.222

🇸🇪 31.208.108.219

🇲🇽 187.191.48.24

🇩🇪 172.70.246.109

🇩🇪 172.70.240.5

🇩🇪 172.69.150.24

🇩🇪 167.94.146.35

🇧🇷 129.121.54.237

🇻🇳 118.70.182.193