JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.42

104.207.58.42 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.42

Whois 104.207.58.42

IP Abuse Reports for 104.207.58.42:

This IP address has been reported a total of 135 times from 18 distinct sources. 104.207.58.42 was first reported on June 12th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-13 22:01:18 (4 weeks ago)	Auto-ban: >3000 req/min op 2026-05-13	Web App Attack SSH Hacking
🇺🇸 conrad10781	2026-05-12 01:37:55 (1 month ago)	nginx-dot-env	Web App Attack
🇩🇪 raspi4	2026-04-09 21:26:22 (2 months ago)	Fail2Ban Ban Triggered	Brute-Force Web App Attack
🇬🇧 Apache	2026-01-17 03:29:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (TH/Thailand/-): 5 in the last 30 ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (TH/Thailand/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:59:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:59:44.749418 2025] [security2:error] [pid 20629:tid 20629] [client 104.207.58.42:18679] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savethedatecardsonline.com"] [uri "/.svn/wc.db"] [unique_id "aS83IGec1RlZF4vOEyUABgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:23:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:23:17.473974 2025] [security2:error] [pid 8973:tid 8973] [client 104.207.58.42:18029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goodacoustic.com"] [uri "/.svn/wc.db"] [unique_id "aS6h9ZfkA8i5j8hR7CMPjQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:47:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:47:35.084367 2025] [security2:error] [pid 12670:tid 12670] [client 104.207.58.42:36379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jodstar.com"] [uri "/.env"] [unique_id "aS5vZ0VdXypHV2FnXyVi3AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:08:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:07:57.127751 2025] [security2:error] [pid 21780:tid 21780] [client 104.207.58.42:36777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.homebuilt.org"] [uri "/.git/HEAD"] [unique_id "aSaLLfmwhkf9MQjYEg8_kAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 00:35:12 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:55:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:55:33.924099 2025] [security2:error] [pid 29847:tid 29847] [client 104.207.58.42:36853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.plumeriatc.org"] [uri "/.env"] [unique_id "aSUapeTeh0w7orngVakgTwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:40:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:40:16.639750 2025] [security2:error] [pid 132008:tid 132028] [client 104.207.58.42:41669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.digitaltalkingbible.com"] [uri "/.svn/wc.db"] [unique_id "aSQZ8AH-XN5lTt6cMbeO0QAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:23:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:23:04.285345 2025] [security2:error] [pid 26624:tid 26624] [client 104.207.58.42:15845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.weavergroup.us"] [uri "/.svn/wc.db"] [unique_id "aSQH2IchLW35RsBhpeoIHgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:03:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:03:52.748027 2025] [security2:error] [pid 12103:tid 12153] [client 104.207.58.42:50259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tkfay.com"] [uri "/.git/HEAD"] [unique_id "aSQDWOd3pxroRSWDTtpeYgAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-11 06:58:44 (8 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 23:42:30 (8 months ago)	Attempted brute force login to web vpn 162 time(s); last attempt for 2025.10.10 is noted in report t ... show more Attempted brute force login to web vpn 162 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.94.32.143

🇷🇺 178.204.4.12

🇺🇸 162.158.90.200

🇬🇧 35.203.210.10

🇳🇱 193.176.31.195

🇳🇱 185.223.235.20

🇨🇳 180.114.62.71

🇧🇷 177.73.186.175

🇭🇰 165.154.6.75

🇵🇰 165.101.126.88

🇵🇭 162.158.249.135

🇫🇷 146.70.194.220

🇵🇰 104.22.96.145

🇳🇿 103.93.145.33

🇦🇪 87.200.134.168

🇺🇸 75.24.192.187

🇩🇪 69.5.169.51

🇮🇶 65.20.160.107

🇨🇳 27.128.218.236

🇺🇸 13.89.120.212