JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.218

104.207.42.218 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.218

Whois 104.207.42.218

IP Abuse Reports for 104.207.42.218:

This IP address has been reported a total of 164 times from 21 distinct sources. 104.207.42.218 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 oncord	2026-05-14 08:46:58 (1 month ago)	Form spam	Web Spam
🇫🇷 masterguru	2026-05-09 10:50:08 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.218 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.218 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇬🇧 PeravixGroup	2026-05-08 17:24:32 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇷 masterguru	2026-05-06 17:05:07 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.218 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.218 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-04-26 17:43:08 (1 month ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.218 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.42.218 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
Anonymous	2026-04-18 15:15:46 (1 month ago)	Forum/form spam	Web Spam
Anonymous	2026-03-13 21:26:10 (3 months ago)	Forum/form spam	Web Spam
🇵🇱 MrBoombastic	2026-03-08 06:51:13 (3 months ago)	WordPress comment spam. Reported by Spam2IP: https://github.com/MrBoombastic/wp-spam2ip	Blog Spam
🇦🇺 MAGIC	2026-02-28 00:15:20 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-02-23 12:43:18 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-11 20:34:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 15:34:48.388697 2026] [security2:error] [pid 15187:tid 15241] [client 104.207.42.218:22931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arcontractingservices.com"] [uri "/backup/.git/config"] [unique_id "aYzn6NE-upNczeVY_coiPgAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-10 15:07:20 (4 months ago)	Blocking for trying to access an exploit file: /.aws/credentials	Hacking
🇺🇸 TPI-Abuse	2026-02-10 02:16:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:16:46.961728 2026] [security2:error] [pid 32696:tid 32696] [client 104.207.42.218:15135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killeramps.com"] [uri "/v2/.git/config"] [unique_id "aYqVDuMpRSPcVkfla-k8xwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:22:22 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:22:19.668438 2026] [security2:error] [pid 20972:tid 20983] [client 104.207.42.218:59627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khalessilaw.com"] [uri "/backend/.env"] [unique_id "aYqISxYqCguJMhGb04AILgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:29:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:29:25.445125 2026] [security2:error] [pid 30720:tid 30720] [client 104.207.42.218:21203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithwillwynne.com"] [uri "/dev/.git/config"] [unique_id "aYpt1ROfCjHIVkfm9Xsy4QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.141.47.217

🇰🇷 175.206.1.60

🇧🇼 168.167.248.214

🇵🇱 57.128.225.99

🇸🇬 47.79.201.41

🇬🇷 2.85.69.181

🇰🇷 211.40.167.121

🇮🇳 203.193.137.250

🇨🇴 190.5.200.98

🇧🇷 177.128.224.122

🇸🇪 130.49.79.175

🇸🇬 128.199.182.55

🇬🇧 35.203.210.145

🇨🇦 20.104.198.19

🇨🇦 2607:f8b0:4023:1807::12b

🇺🇸 2604:a880:400:d1:0:4:963b:e001

🇳🇱 203.55.131.4

🇺🇸 195.184.76.131

🇺🇸 146.190.73.134

🇨🇳 123.173.102.91