JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.224

104.207.42.224 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.224

Whois 104.207.42.224

IP Abuse Reports for 104.207.42.224:

This IP address has been reported a total of 138 times from 17 distinct sources. 104.207.42.224 was first reported on June 20th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-02-16 04:00:04 (4 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-14 21:09:30 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:09:22.910411 2026] [security2:error] [pid 9607:tid 9607] [client 104.207.42.224:18189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|primacomm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZDkgjtfsvQ_T19C5D7hQwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-03 22:18:48 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 17:18:43.901962 2026] [security2:error] [pid 3253714:tid 3253714] [client 104.207.42.224:60119] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYJ0Q1_KKDbAKN7-73hHEAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Smel	2026-01-25 01:07:01 (4 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:54 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇹 VHosting	2025-12-23 23:45:23 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 nowyouknow	2025-12-03 22:32:53 (6 months ago)	(From [email protected]) Hi, Managing your website updated and secure can be expensive. That’s ... show more (From [email protected]) Hi, Managing your website updated and secure can be expensive. That’s why we offer a done-for-you solution: For $69/month, we will: Create or refresh your entire website Host it (Optional - If you want) Update it with 60 minutes of monthly updates each month No hidden fees, no headaches—just a professional website that always looks great and works smoothly. Learn More https://websolutionsgenius.com/complete-website-package/ show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-25 06:30:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:29:56.972667 2025] [security2:error] [pid 5238:tid 5238] [client 104.207.42.224:40923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.maunakeavista.com"] [uri "/.git/HEAD"] [unique_id "aSVM5CQhO5cG0PCdEkZTtgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:02:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:02:30.922485 2025] [security2:error] [pid 16703:tid 16703] [client 104.207.42.224:16403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jbaycabs.com"] [uri "/.svn/wc.db"] [unique_id "aSUqVpL4iMhF2WHB8SRg_QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 03:45:11 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 03:25:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:25:42.097877 2025] [security2:error] [pid 14557:tid 14557] [client 104.207.42.224:17791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.oakvillenaturopathicclinic.com"] [uri "/.git/HEAD"] [unique_id "aSUhtrkXOV9bzGKRxC9LRgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:04:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:03:43.628363 2025] [security2:error] [pid 15589:tid 15620] [client 104.207.42.224:40955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.julianositalianrestaurant.com"] [uri "/.env"] [unique_id "aSUcjyIjVFKa_KFJ49hyqwAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:16:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:16:28.497756 2025] [security2:error] [pid 9277:tid 9277] [client 104.207.42.224:33413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kinderland-preschool.com"] [uri "/.git/HEAD"] [unique_id "aSURfImfBJf5oQkepiN3ewAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:29:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:29:28.330044 2025] [security2:error] [pid 11714:tid 11714] [client 104.207.42.224:44525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.skulldump.com"] [uri "/.git/HEAD"] [unique_id "aST4aOMUe43SqVCdcDEqXgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-19 13:01:55 (7 months ago)	Attempted brute force login to web vpn 14 time(s); last attempt for 2025.11.19 is noted in report ti ... show more Attempted brute force login to web vpn 14 time(s); last attempt for 2025.11.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 136.248.247.188

🇭🇰 119.246.15.94

🇦🇺 60.231.217.149

🇧🇷 187.115.144.103

🇨🇳 180.168.24.186

🇺🇸 72.215.33.197

🇩🇪 194.88.98.119

🇨🇴 161.10.65.193

🇨🇳 123.163.114.38

🇭🇰 104.28.158.176

🇮🇩 103.99.214.16

🇵🇪 38.253.156.213

🇨🇳 220.181.108.174

🇧🇪 198.235.24.178

🇧🇪 198.235.24.175

🇪🇸 149.126.47.152

🇱🇹 81.30.98.44

🇩🇪 47.254.148.82

🇭🇰 34.92.151.74

🇺🇸 24.9.62.92