JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.76

104.207.42.76 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.76

Whois 104.207.42.76

IP Abuse Reports for 104.207.42.76:

This IP address has been reported a total of 148 times from 19 distinct sources. 104.207.42.76 was first reported on June 20th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-06-06 03:38:53 (1 day ago)	dot file probe	Web App Attack
🇵🇱 sefinek.net	2025-12-21 04:20:52 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 stinpriza	2025-11-28 01:53:35 (6 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:25:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:25:38.255903 2025] [security2:error] [pid 2794805:tid 2794805] [client 104.207.42.76:30383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.franchiseconsultants.org"] [uri "/.svn/wc.db"] [unique_id "aSbjsis0W3YZHdkGhOrU7QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:56:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:56:07.188254 2025] [security2:error] [pid 31185:tid 31185] [client 104.207.42.76:43319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.sweetbailey.com"] [uri "/.git/HEAD"] [unique_id "aSakh0qX9tocFsGgEJjC4QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 03:15:58 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:14:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:14:46.048852 2025] [security2:error] [pid 17544:tid 17568] [client 104.207.42.76:45925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nomadic-welshman.adetnw.com"] [uri "/.svn/wc.db"] [unique_id "aSZwprdIsiK1k1jqHcT7zAAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:43:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:42:51.742901 2025] [security2:error] [pid 7547:tid 7547] [client 104.207.42.76:41959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pixzen.com"] [uri "/.env"] [unique_id "aSZNC0NtKS89F5gPAzVL4QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:09:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:09:24.616060 2025] [security2:error] [pid 10048:tid 10048] [client 104.207.42.76:52225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thenitecapsbluesband.com"] [uri "/.env"] [unique_id "aSZFNP3M2MztN53xU3aXGgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:37:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:37:22.096012 2025] [security2:error] [pid 1278:tid 1301] [client 104.207.42.76:21695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sgs.schoprint.com"] [uri "/.svn/wc.db"] [unique_id "aSUIUs-5_Q7Y14ElCf2DnQAAAVQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:41:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:41:41.313869 2025] [security2:error] [pid 13941:tid 13992] [client 104.207.42.76:15829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.supradig.com"] [uri "/.env"] [unique_id "aSQaRfSSVFm8noxFLWyMpAAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:54:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:54:52.444829 2025] [security2:error] [pid 27154:tid 27154] [client 104.207.42.76:11325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.noriega.us"] [uri "/.svn/wc.db"] [unique_id "aSQPTKJ3hQulf51arK7W7QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-17 11:19:50 (6 months ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Hacking SQL Injection Web App Attack
Anonymous	2025-11-14 05:16:22 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-19 20:44:58 (7 months ago)	Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.19 is noted in report ti ... show more Attempted brute force login to web vpn 54 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.216.145.165

🇧🇷 177.72.195.114

🇯🇵 172.105.224.72

🇧🇷 164.163.24.11

🇺🇸 162.216.150.199

🇮🇶 151.236.188.250

🇹🇭 118.193.57.218

🇨🇳 115.190.245.176

🇵🇰 103.125.177.19

🇷🇴 92.118.39.62

🇫🇷 85.217.140.36

🇳🇱 85.121.127.147

🇩🇪 84.32.10.200

🇪🇸 79.117.251.101

🇳🇱 68.183.6.135

🇺🇸 66.132.195.97

🇬🇧 35.203.210.86

🇺🇸 2604:a880:400:d1:0:4:8bf7:f001

🇨🇳 220.168.84.220

🇸🇬 194.5.82.54