JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.233

104.207.42.233 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 23%: ?

23%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.233

Whois 104.207.42.233

IP Abuse Reports for 104.207.42.233:

This IP address has been reported a total of 164 times from 24 distinct sources. 104.207.42.233 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-05-22 20:05:18 (2 weeks ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇪🇸 librebit	2026-05-17 05:19:59 (3 weeks ago)	Brute force	Brute-Force
Anonymous	2026-05-04 13:55:01 (1 month ago)	suspicious request in access.log	Web App Attack
🇱🇻 garmtech.com	2026-05-04 06:11:15 (1 month ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-01 22:09:40 (1 month ago)	Auto-ban: >3000 req/min op 2026-05-01	Web App Attack SSH Hacking
🇪🇸 Francisco Vallejo	2026-04-30 11:53:26 (1 month ago)	[Thu Apr 30 13:53:26.134948 2026] [core:info] [pid 2212689:tid 133295350200000] [client 104.207.42.2 ... show more [Thu Apr 30 13:53:26.134948 2026] [core:info] [pid 2212689:tid 133295350200000] [client 104.207.42.233:13613] AH00128: File does not exist: /var/www/barluna/js/ie/respond.min.js [Thu Apr 30 13:53:26.137421 2026] [core:info] [pid 2212689:tid 133294779791040] [client 104.207.42.233:31859] AH00128: File does not exist: /var/www/barluna/js/jquery.scrolly.min.js [Thu Apr 30 13:53:26.140786 2026] [core:info] [pid 2212689:tid 133294771398336] [client 104.207.42.233:49199] AH00128: File does not exist: /var/www/barluna/js/ie/html5shiv.js [Thu Apr 30 13:53:26.144005 2026] [core:info] [pid 2212689:tid 133295375378112] [client 104.207.42.233:37879] AH00128: File does not exist: /var/www/barluna/js/jquery.min.js [Thu Apr 30 13:53:26.316973 2026] [core:info] [pid 2212688:tid 133294276458176] [client 104.207.42.233:22453] AH00128: File does not exist: /var/www/barluna/js/util.js ... show less	Brute-Force SSH
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:02 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇫🇷 mrcrassi	2025-12-16 13:07:55 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 backslash	2025-12-10 01:05:02 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇱🇻 garmtech.com	2025-11-26 19:50:02 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:05:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:05:38.722083 2025] [security2:error] [pid 1861:tid 1861] [client 104.207.42.233:55221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eaglespiritproductions.net"] [uri "/.svn/wc.db"] [unique_id "aSVHMpYXep0H9-BZriBQYgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:50:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:50:35.287858 2025] [security2:error] [pid 12564:tid 12564] [client 104.207.42.233:13797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.independentmusicconference.com"] [uri "/.svn/wc.db"] [unique_id "aSVDqzINYovT7qXL79jXKAAAAGQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:29:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:29:43.114161 2025] [security2:error] [pid 10360:tid 10360] [client 104.207.42.233:28969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oshawinfree.robtown.com"] [uri "/.svn/wc.db"] [unique_id "aSU-x8ge2BlS9nZj9AsUMgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:03:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:03:34.848685 2025] [security2:error] [pid 10209:tid 10209] [client 104.207.42.233:55165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.parkgrant.com"] [uri "/.git/HEAD"] [unique_id "aSU4pnS1EdPORKe_XcRqmQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 185.100.159.165

🇺🇸 172.174.17.234

🇺🇸 47.251.248.165

🇯🇵 40.74.68.248

🇺🇸 2607:f8b0:4004:1002::12c

🇺🇸 196.251.81.14

🇯🇵 183.181.81.161

🇫🇮 178.20.210.208

🇺🇸 172.253.86.117

🇺🇸 132.196.82.6

🇹🇼 115.43.150.20

🇺🇸 66.132.195.27

🇺🇸 66.132.186.171

🇺🇸 20.168.122.83

🇨🇳 221.197.253.63

🇨🇳 203.76.241.18

🇿🇦 197.101.90.199

🇮🇳 122.187.237.122

🇻🇳 45.117.169.86

🇹🇼 35.229.213.140