JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.42

104.207.55.42 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.42

Whois 104.207.55.42

IP Abuse Reports for 104.207.55.42:

This IP address has been reported a total of 145 times from 21 distinct sources. 104.207.55.42 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-02-03 08:07:46 (4 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-23 07:36:47 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-12-30 20:36:20 (5 months ago)	"GET /.aws/credentials HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-30 10:20:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 05:20:34.557885 2025] [security2:error] [pid 3840815:tid 3840832] [client 104.207.55.42:27465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rawsynergy.com"] [uri "/.svn/wc.db"] [unique_id "aVOncvhY0WluO26hDFjvUgAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:13:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:13:48.917469 2025] [security2:error] [pid 18159:tid 18169] [client 104.207.55.42:25327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honeyled.com"] [uri "/.env"] [unique_id "aVIcHBHoP6MwOldmBmFKEwAAAQE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 05:41:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:40:55.341321 2025] [security2:error] [pid 6853:tid 6853] [client 104.207.55.42:52393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "independentmusicconference.com"] [uri "/.env"] [unique_id "aVIUZxI34oK7YC0EiEgyvgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:23:39 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:23:33.224667 2025] [security2:error] [pid 7775:tid 7775] [client 104.207.55.42:39159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christianbroadcastingleague.com"] [uri "/.env"] [unique_id "aVICRVf1043QfrP20HztcQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 23:23:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 18:23:43.699698 2025] [security2:error] [pid 16941:tid 16941] [client 104.207.55.42:57325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robertminuzzo.com"] [uri "/.git/HEAD"] [unique_id "aS90_xyxgEr4wdiHvZBw-gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:42:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:42:18.509210 2025] [security2:error] [pid 24966:tid 24966] [client 104.207.55.42:14349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daisyweddinginvitations.com"] [uri "/.svn/wc.db"] [unique_id "aS6YWghcdmi1EZ5OzG8f7wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:35:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:35:22.710461 2025] [security2:error] [pid 32376:tid 32376] [client 104.207.55.42:33715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "interartny.com"] [uri "/.git/HEAD"] [unique_id "aS5sigLMrgs4fCxhmeACCgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:23:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:23:51.881319 2025] [security2:error] [pid 1608:tid 1608] [client 104.207.55.42:56141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "energycapitalinvestments.com"] [uri "/.env"] [unique_id "aSjBZ_IT1lXFhPrNfqtA7gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 20:30:02 (6 months ago)	suspicious request in access.log	Web App Attack
Anonymous	2025-11-24 17:42:11 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇪🇸 10dencehispahard SL	2025-11-19 07:11:08 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.74.196.10

🇳🇱 176.65.139.250

🇺🇸 159.89.132.71

🇺🇸 50.46.141.125

🇸🇬 47.237.79.108

🇸🇬 47.84.111.242

🇸🇬 47.84.109.88

🇩🇪 43.131.26.226

🇸🇬 43.98.199.240

🇦🇺 35.201.12.108

🇩🇪 34.40.99.146

🇸🇬 8.219.238.0

🇮🇳 204.1.145.175

🇺🇸 184.168.21.211

🇻🇳 183.91.11.36

🇺🇸 168.245.52.74

🇦🇺 163.116.192.138

🇨🇳 121.57.238.33

🇸🇬 47.237.11.169

🇸🇬 47.236.224.203