JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.42.92

104.207.42.92 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 20%: ?

20%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.42.92

Whois 104.207.42.92

IP Abuse Reports for 104.207.42.92:

This IP address has been reported a total of 149 times from 20 distinct sources. 104.207.42.92 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-30 09:19:24 (1 week ago)	Web attack blocked by Wordfence on vestingstadvalkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
🇲🇽 octageeks.com	2026-05-30 04:13:51 (1 week ago)	Wordpress malicious attack:[octaflood]	Web App Attack
Anonymous	2026-05-29 02:03:05 (1 week ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; s ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=hparxo.gr; logs=/var/log/httpd/domains/hparxo.gr.log; samples=site_wide=true \| distinct_ips=18 \| /wp-login.php show less	Hacking Web App Attack
Anonymous	2026-04-06 17:20:41 (2 months ago)	Forum/form spam	Web Spam
Anonymous	2026-01-14 11:00:10 (4 months ago)	Forum/form spam	Web Spam
Anonymous	2025-12-30 13:20:53 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇩🇪 iNetWorker	2025-12-30 11:46:19 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇵🇱 sefinek.net	2025-12-29 11:04:55 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.svn/wc.db UA: Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-29 10:34:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 05:34:37.625450 2025] [security2:error] [pid 19898:tid 19898] [client 104.207.42.92:25349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuzzyecho.com"] [uri "/.svn/wc.db"] [unique_id "aVJZPZ2ZExrRFjO4KJ6JCgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2025-12-29 09:05:06 (5 months ago)	tcp/80; AWS dotfile access attempt: "GET /.aws/credentials" @ 2025-12-29T09:04:12Z [proxy]	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:30:31 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:30:28.791929 2025] [security2:error] [pid 9803:tid 9806] [client 104.207.42.92:45215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrowsinthequiver.com"] [uri "/.git/HEAD"] [unique_id "aVID5NoUX5-H0h2mWyySpQAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 13:10:33 (6 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-24 07:49:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:49:32.143703 2025] [security2:error] [pid 31400:tid 31400] [client 104.207.42.92:34661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.christianebooks.com"] [uri "/.git/HEAD"] [unique_id "aSQODE_a5O0x_x5lvkWZGQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:18:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:17:55.722700 2025] [security2:error] [pid 24842:tid 24842] [client 104.207.42.92:36833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.crep-psych.org"] [uri "/.svn/wc.db"] [unique_id "aSQGow_GsrDnmj91KiT4_AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:50:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.42.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:48:59.442165 2025] [security2:error] [pid 31737:tid 31737] [client 104.207.42.92:60901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.marilynmonroebookstore.com"] [uri "/.git/HEAD"] [unique_id "aSPjuxsUu5vJJrbdVYphEwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇴 186.121.201.67

🇧🇪 81.245.52.166

🇩🇪 69.5.169.236

🇺🇸 64.227.49.223

🇳🇱 212.192.240.126

🇦🇹 159.100.24.186

🇩🇪 144.76.136.6

🇮🇩 103.166.10.244

🇧🇪 34.52.164.192

🇺🇸 20.83.158.134

🇮🇩 8.215.85.137

🇺🇸 3.219.228.21

🇮🇩 203.194.113.221

🇲🇽 189.203.163.10

🇿🇦 172.253.249.212

🇮🇳 168.220.237.171

🇮🇳 117.239.104.11

🇨🇳 111.6.188.167

🇵🇱 109.205.211.4

🇷🇺 80.95.38.14