JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.225

104.207.42.225 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 7%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.225

Whois 104.207.42.225

IP Abuse Reports for 104.207.42.225:

This IP address has been reported a total of 145 times from 21 distinct sources. 104.207.42.225 was first reported on June 3rd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-07 11:43:36 (1 month ago)	606 requests with url.path *.env	Brute-Force Bad Web Bot
Anonymous	2026-04-23 02:14:29 (1 month ago)	Forum/form spam	Web Spam
🇪🇸 librebit	2026-04-09 02:32:16 (2 months ago)	Brute force	Brute-Force
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 Gem	2026-02-13 23:19:51 (4 months ago)	Unauthorized web scan.	Web App Attack
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-02-10 03:51:52 (4 months ago)	104.207.42.225 - - [09/Feb/2026:20:51:51 -0700] "GET /new/.git/config HTTP/1.1" 301 495 "-" "Mozilla ... show more 104.207.42.225 - - [09/Feb/2026:20:51:51 -0700] "GET /new/.git/config HTTP/1.1" 301 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:01:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:01:32.419770 2026] [security2:error] [pid 9684:tid 9684] [client 104.207.42.225:30605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-spose.com"] [uri "/.git/config"] [unique_id "aYqfjAurhHMsM3NwRglNcAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:24:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:24:11.130465 2026] [security2:error] [pid 5269:tid 5282] [client 104.207.42.225:32809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimbleproperties.com"] [uri "/test/.git/config"] [unique_id "aYqWy7k8htmo_Z-NcJ6-SQAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:51:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:51:33.732385 2026] [security2:error] [pid 19473:tid 19473] [client 104.207.42.225:61055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kendylcelina.com"] [uri "/.env.save"] [unique_id "aYpzBRg5CY-b4CtEQmaajAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:19:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:19:48.465993 2026] [security2:error] [pid 2499302:tid 2499302] [client 104.207.42.225:56441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotpay.co"] [uri "/new/.git/config"] [unique_id "aYpdhObyabW4iik8sUXLqQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:09:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:09:08.697320 2026] [security2:error] [pid 27838:tid 27838] [client 104.207.42.225:36101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenjoyce.com"] [uri "/.env.save"] [unique_id "aYpM9L0gNci-i_UkHGKNfQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 COMAITE	2026-02-06 05:49:15 (4 months ago)	Common web attack from 104.207.42.225.	Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 12:56:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 07:56:31.722268 2026] [security2:error] [pid 15720:tid 15720] [client 104.207.42.225:10349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oakleighfarm.com"] [uri "/.svn/wc.db"] [unique_id "aWjj_7q4Jb-dihU8tJcIggAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-15 01:57:04 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 20:56:58.805642 2026] [security2:error] [pid 25412:tid 25412] [client 104.207.42.225:37179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sierrablue.farm"] [uri "/.svn/wc.db"] [unique_id "aWhJajY4ssCbLUWMTtOjewAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-13 11:55:51 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇺 197.225.146.23

🇳🇱 176.65.148.30

🇵🇰 154.57.216.142

🇨🇳 106.75.185.227

🇨🇳 106.54.59.93

🇫🇷 92.222.108.99

🇩🇪 69.5.169.147

🇸🇦 51.36.227.158

🇳🇱 45.148.10.120

🇨🇳 36.99.98.18

🇺🇸 2001:470:1:fb5::146

🇺🇸 216.25.89.104

🇮🇳 203.192.232.180

🇺🇸 199.195.254.215

🇬🇧 198.244.183.24

🇨🇦 185.92.26.55

🇺🇸 135.237.127.54

🇰🇷 129.154.62.115

🇧🇩 103.159.115.47

🇲🇦 102.97.38.188