JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.214

104.207.42.214 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.214

Whois 104.207.42.214

IP Abuse Reports for 104.207.42.214:

This IP address has been reported a total of 162 times from 32 distinct sources. 104.207.42.214 was first reported on June 11th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 brechtr	2026-06-18 01:21:50 (3 days ago)	[Press84-BanHammer] bad username — Sourced from: brechtryckaert.com — Request: POST /wp-login.php	Brute-Force
🇺🇸 lostswordfish.com	2026-06-16 20:58:04 (4 days ago)	Wordfence waf block on decarcerationnation	Web App Attack
Anonymous	2026-03-06 16:19:47 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-15 12:04:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:04:10.303813 2026] [security2:error] [pid 28299:tid 28299] [client 104.207.42.214:17869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pandahh.com"] [uri "/.env.local"] [unique_id "aZG2OoJQuXZpVOhvFpcu5AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mario Silber	2026-02-15 11:54:03 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.42.214 (US/United States/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 11:30:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:30:19.114000 2026] [security2:error] [pid 30240:tid 30240] [client 104.207.42.214:43613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozera.com"] [uri "/.env"] [unique_id "aZGuSzHAjXLNY9ULsRYYLQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:53:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:53:29.750312 2026] [security2:error] [pid 7262:tid 7262] [client 104.207.42.214:20335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seebeexee.com"] [uri "/.env.production"] [unique_id "aZGlqb_KltmzRDg7fYNjbAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 07:03:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:03:26.343038 2026] [security2:error] [pid 980738:tid 980738] [client 104.207.42.214:32901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "origenial.com"] [uri "/.env.local"] [unique_id "aZFvviZWQMkEoBAUVS97nwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-02-15 05:58:38 (4 months ago)	Accessed trap at '/.git/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:31:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:31:47.226744 2026] [security2:error] [pid 19377:tid 19377] [client 104.207.42.214:63303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sb-adventures.com"] [uri "/backend/.env"] [unique_id "aZFaQ6MWYft-VKve1n9OwAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:18:23 (4 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:18:03 (4 months ago)	Try to access /config/.env	Web App Attack
🇨🇭 Origon	2026-02-15 04:33:39 (4 months ago)	http-sensitive-files - IP: 104.207.42.214 - time="2026-02-15T05:33:39+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.42.214 - time="2026-02-15T05:33:39+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.42.214 (US/200373) : 4h ban on Ip 104.207.42.214" module=db show less	Web App Attack
🇳🇱 MM-bot	2026-02-15 04:20:20 (4 months ago)	URL-probe: HTTP/1.1 GET request on /.env (2026-02-15 05:20:20 UTC+1)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:36.868582 2026] [security2:error] [pid 22106:tid 22176] [client 104.207.42.214:18283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "power51.com"] [uri "/.env.local"] [unique_id "aZFGTMhSZQInS4HdHIcA8QAAAYk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.141.71.166

🇬🇧 185.247.137.138

🇬🇧 159.65.91.36

🇺🇸 147.182.247.10

🇵🇪 38.158.83.105

🇺🇸 3.87.27.156

🇵🇭 126.209.52.228

🇮🇳 122.165.72.15

🇬🇧 193.32.209.234

🇧🇴 190.129.122.12

🇳🇱 176.65.139.181

🇺🇸 172.172.214.224

🇧🇷 164.163.24.11

🇨🇳 122.239.96.227

🇨🇳 117.132.188.204

🇮🇳 103.91.246.101

🇧🇷 45.205.1.42

🇷🇺 37.77.150.241

🇺🇸 2604:a880:400:d1:0:4:9e78:7001

🇧🇷 189.84.238.246