JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.104

104.207.43.104 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 48%: ?

48%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.104

Whois 104.207.43.104

IP Abuse Reports for 104.207.43.104:

This IP address has been reported a total of 148 times from 23 distinct sources. 104.207.43.104 was first reported on June 6th 2024, and the most recent report was 33 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-16 01:54:26 (33 minutes ago)	(y4) Failed scan -byebye- from 104.207.43.104 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-14 10:32:03 (1 day ago)	[server.tmg.gr] httpd-login-spray-site: sites=eumedline.com; logs=/var/log/httpd/domains/eumedline.c ... show more [server.tmg.gr] httpd-login-spray-site: sites=eumedline.com; logs=/var/log/httpd/domains/eumedline.com.log; samples=site_wide=true \| distinct_ips=14 \| /wp-login.php show less	Hacking Web App Attack
🇬🇷 setupgr	2026-06-13 12:03:32 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.43.104: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.43.104: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 15:03:32.065472 2026] [security2:error] [pid 808281:tid 808327] [client 104.207.43.104:23341] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: villa-izabela.com"] [severity "CRITICAL"] [tag "security"] [hostname "villa-izabela.com"] [uri "/wp-login.php"] [unique_id "ai1HFKusuLqpeUDnO4AJXwAAAVM"], referer: https://villa-izabela.com/wp-login.php show less	Port Scan
Anonymous	2026-06-13 03:20:26 (2 days ago)	Web attack blocked by Wordfence on 1valkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
🇬🇷 setupgr	2026-06-11 08:26:31 (4 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.43.104: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.43.104: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 11 11:26:29.190226 2026] [security2:error] [pid 2066467:tid 2066662] [client 104.207.43.104:14809] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: sea-sound.com"] [severity "CRITICAL"] [tag "security"] [hostname "sea-sound.com"] [uri "/wp-login.php"] [unique_id "aipxNXN0xdA8CUhjxYAFNgAAAU4"], referer: https://sea-sound.com/wp-login.php show less	Port Scan
Anonymous	2026-06-11 04:55:38 (4 days ago)	[ssd1.kdns.gr] httpd-login-spray-site: sites=nbmedical.gr; logs=/var/log/httpd/domains/nbmedical.gr. ... show more [ssd1.kdns.gr] httpd-login-spray-site: sites=nbmedical.gr; logs=/var/log/httpd/domains/nbmedical.gr.log; samples=site_wide=true \| distinct_ips=17 \| /wp-login.php show less	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-06-10 20:46:33 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇲🇽 octageeks.com	2026-06-01 04:08:27 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 ELYAZ	2026-06-01 01:24:59 (2 weeks ago)	(y4) Failed scan -byebye- from 104.207.43.104 (US/United States/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-31 13:00:41 (2 weeks ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇫🇷 tilellit.pro	2026-05-30 03:37:07 (2 weeks ago)	Fail2Ban banned 104.207.43.104 for security violations in jail wp-armour. Log: 2026/05/30 03:37:06 [ ... show more Fail2Ban banned 104.207.43.104 for security violations in jail wp-armour. Log: 2026/05/30 03:37:06 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.43.104 \| Target: wplogin" , client: 104.207.43.104, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-05-29 21:57:09 (2 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=popikouloufakou.com; logs=/var/log/httpd/domains/popiko ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=popikouloufakou.com; logs=/var/log/httpd/domains/popikouloufakou.com.log; samples=site_wide=true \| distinct_ips=21 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 lostswordfish.com	2026-05-27 20:44:03 (2 weeks ago)	Wordfence waf block on baystatereentrynetwork	Web App Attack
Anonymous	2026-05-27 15:38:04 (2 weeks ago)	Failed Wordpress Logins	Web App Attack
🇪🇸 10dencehispahard SL	2025-12-29 09:18:31 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.194

🇺🇦 195.26.18.82

🇲🇽 187.156.213.64

🇺🇸 147.185.132.252

🇨🇳 122.97.138.163

🇨🇳 116.179.32.241

🇺🇸 91.230.168.211

🇺🇸 91.230.168.88

🇨🇦 72.251.5.58

🇻🇳 14.241.177.192

🇨🇳 14.103.111.135

🇮🇱 2.55.85.4

🇨🇳 222.176.201.190

🇺🇾 179.27.99.9

🇭🇰 165.154.2.138

🇺🇸 150.107.38.195

🇰🇷 115.68.208.117

🇨🇳 112.32.138.180

🇫🇷 91.231.89.198

🇫🇷 91.231.89.194