JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.220

104.207.42.220 was found in our database!

This IP was reported 160 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.220

Whois 104.207.42.220

IP Abuse Reports for 104.207.42.220:

This IP address has been reported a total of 160 times from 25 distinct sources. 104.207.42.220 was first reported on June 6th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-19 15:46:04 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇮🇹 VHosting	2025-12-23 23:40:23 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
Anonymous	2025-12-22 14:50:45 (5 months ago)	Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.22 is noted in report t ... show more Attempted brute force login to web vpn 126 time(s); last attempt for 2025.12.22 is noted in report timestamp show less	Hacking Brute-Force
🇵🇱 sefinek.net	2025-12-05 15:19:27 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇪🇸 10dencehispahard SL	2025-12-03 07:33:07 (6 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-11-28 02:43:55 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 04:13:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:13:40.493995 2025] [security2:error] [pid 13113:tid 13197] [client 104.207.42.220:15895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jean-paullederer.com"] [uri "/.env"] [unique_id "aSZ-dBhhwHzhmSuL6kiBywAAAZg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:11:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:11:23.849771 2025] [security2:error] [pid 24019:tid 24019] [client 104.207.42.220:34273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bcbikini.com.puckerbikini.com"] [uri "/.env"] [unique_id "aSZTu85eXEQGUEyyExeN4AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-11-25 23:14:29 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.42.220 (US/United States/-) ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.42.220 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:44:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:44:12.013416 2025] [security2:error] [pid 15336:tid 15336] [client 104.207.42.220:50195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.theledman.net"] [uri "/.svn/wc.db"] [unique_id "aSUX_IocxYJ41jvHaK4ttgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:02:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:02:03.797979 2025] [security2:error] [pid 30018:tid 30018] [client 104.207.42.220:49709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.123clearmyticket.com"] [uri "/.env"] [unique_id "aSQfCw9h4E2KHirdf29jAgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:27:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:27:33.432770 2025] [security2:error] [pid 4140:tid 4140] [client 104.207.42.220:17341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lzbvi.com"] [uri "/.svn/wc.db"] [unique_id "aSQW9Tl4b5BjSb8KIGPIRwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-11-19 05:01:11 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-11-14 02:34:14 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 160 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.48.9

🇺🇸 172.253.223.220

🇺🇸 162.216.150.229

🇸🇬 128.199.231.249

🇷🇴 80.94.92.182

🇩🇪 47.245.135.164

🇮🇩 43.230.5.42

🇺🇸 2620:18c:0:192::e0:225

🇺🇸 2604:a940:302:118:0:41::

🇨🇳 218.13.26.42

🇵🇱 185.241.208.20

🇳🇱 185.189.182.234

🇺🇸 173.255.223.32

🇺🇸 104.243.35.45

🇷🇺 95.167.225.76

🇨🇦 85.217.149.45

🇩🇪 69.5.169.175

🇺🇸 66.132.186.252

🇺🇸 40.119.29.137

🇳🇱 31.14.32.6