JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.32

104.207.42.32 was found in our database!

This IP was reported 161 times. Confidence of Abuse is 53%: ?

53%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.32

Whois 104.207.42.32

IP Abuse Reports for 104.207.42.32:

This IP address has been reported a total of 161 times from 32 distinct sources. 104.207.42.32 was first reported on June 6th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-06-16 16:39:09 (1 day ago)	trolling for resource vulnerabilities	Web App Attack
🇩🇪 FeG Deutschland	2026-06-16 07:04:46 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-06-13 20:23:11 (4 days ago)	(y4) Failed scan -byebye- from 104.207.42.32 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-12 08:50:54 (5 days ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=homeburger.gr; logs=/var/log/httpd/domains/homeburger.g ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=homeburger.gr; logs=/var/log/httpd/domains/homeburger.gr.log; samples=site_wide=true \| distinct_ips=15 \| /wp-login.php show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-12 07:19:07 (5 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.42.32: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 104.207.42.32: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 10:19:07.259797 2026] [security2:error] [pid 104034:tid 104119] [client 104.207.42.32:17167] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: gyrosplace.gr"] [severity "CRITICAL"] [tag "security"] [hostname "gyrosplace.gr"] [uri "/wp-login.php"] [unique_id "aiuy61abcBA3ZH61lLfw2wAAABU"], referer: https://gyrosplace.gr/wp-login.php show less	Port Scan
🇮🇩 zam	2026-06-11 20:08:40 (6 days ago)	104.207.42.32 - - [11/Jun/2026:20:08:12 +0000] "POST /wp-login.php HTTP/1.1" 301 277	Web App Attack
🇬🇧 PeravixGroup	2026-06-10 21:16:53 (1 week ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 mnsf	2026-06-10 19:05:58 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-10 14:22:55 (1 week ago)	104.207.42.32 - - [10/Jun/2026:16:22:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 104.207.42.32 - - [10/Jun/2026:16:22:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Hacking Web App Attack VPN IP
🇳🇱 DonAtari	2026-05-23 03:21:05 (3 weeks ago)	DShield firewall scan - TCP to port 9000	Brute-Force SSH
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 mnsf	2026-02-19 20:05:39 (3 months ago)	Scanning/Probing (22)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 04:28:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:28:50.425224 2026] [security2:error] [pid 27805:tid 27805] [client 104.207.42.32:22659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmichaelbabcock.com"] [uri "/app/.env"] [unique_id "aZaRgq60V2WzXaRGD5oP0wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:57:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:57:46.316396 2026] [security2:error] [pid 11081:tid 11081] [client 104.207.42.32:13013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ken-parker.com"] [uri "/.env.save"] [unique_id "aZZ8KllfhcnaKQ4RDsxBRgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-02-19 01:56:16 (3 months ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection

Showing 1 to 15 of 161 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 158.94.210.190

🇨🇳 111.228.10.226

🇨🇳 111.50.143.78

🇸🇬 47.237.20.150

🇺🇸 2001:470:1:fb5::1ab

🇰🇷 222.98.122.37

🇺🇸 209.141.47.217

🇳🇱 204.76.203.219

🇦🇱 195.8.107.199

🇱🇹 193.187.114.125

🇳🇱 176.65.148.2

🇮🇳 165.101.250.39

🇺🇸 162.216.150.86

🇫🇮 147.185.133.122

🇮🇳 146.196.37.129

🇺🇸 142.147.244.235

🇻🇳 125.212.244.35

🇭🇰 124.156.129.246

🇨🇳 106.13.14.186

🇰🇪 102.0.13.94