JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.116

104.207.43.116 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.116

Whois 104.207.43.116

IP Abuse Reports for 104.207.43.116:

This IP address has been reported a total of 138 times from 18 distinct sources. 104.207.43.116 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-05-19 04:00:05 (3 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 Ad Ministrator	2026-04-23 22:35:02 (1 month ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
Anonymous	2026-03-05 12:39:51 (3 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-03-05 08:29:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:29:29.230285 2026] [security2:error] [pid 2915:tid 2922] [client 104.207.43.116:38097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/b3/db3bcd2e72fec08b5645aecbd82416d2e341f8"] [unique_id "aak-6Wbdh7c6FWT9QFVRmAAAAAM"], referer: http://www.howardhallis.com/.git/objects/b3/db3bcd2e72fec08b5645aecbd82416d2e341f8 show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-02 22:05:23 (5 months ago)	(XMLRPC) WP XMLPRC Attack 104.207.43.116 (US/United States/-): 5 in the last 3600 secs; Ports: ; Di ... show more (XMLRPC) WP XMLPRC Attack 104.207.43.116 (US/United States/-): 5 in the last 3600 secs; Ports: ; Direction: 1 show less	Brute-Force SSH
🇦🇺 screwlooseit.com.au	2025-12-30 21:54:48 (5 months ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇺🇸 TPI-Abuse	2025-12-28 03:48:10 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 22:48:04.843304 2025] [security2:error] [pid 30789:tid 30789] [client 104.207.43.116:18961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vincentmonaco.com"] [uri "/.git/HEAD"] [unique_id "aVCodDGGATOySa_WvNkeiQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 19:10:50 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:10:42.419867 2025] [security2:error] [pid 1831:tid 1831] [client 104.207.43.116:44321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ayudaclic.com"] [uri "/.env"] [unique_id "aVAvMuNsf0QibE4_lKig6AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-27 19:05:41 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:35:38 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:35:29.950786 2025] [security2:error] [pid 23568:tid 23568] [client 104.207.43.116:49263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weddingcapitalpartners.com"] [uri "/.env"] [unique_id "aVAY4duQTqaeBzyIsNWXJQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:09:48 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:09:40.663611 2025] [security2:error] [pid 14507:tid 14507] [client 104.207.43.116:10259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christmascardsprinted.com"] [uri "/.svn/wc.db"] [unique_id "aVAS1H-_L6Q_fV4UF9yOxQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 13:18:34 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
Anonymous	2025-12-06 18:41:10 (6 months ago)	botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-24 07:57:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:55:19.553984 2025] [security2:error] [pid 27470:tid 27470] [client 104.207.43.116:28075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.goodneighborvillage.org"] [uri "/.svn/wc.db"] [unique_id "aSQPZ75jzan8zgoHcyyUkgAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:12:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:12:04.330561 2025] [security2:error] [pid 5830:tid 5830] [client 104.207.43.116:39933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "baseball.jpwatters.com"] [uri "/.git/HEAD"] [unique_id "aSP3NOLJJfCV5Ga9uHeulgAAACc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇳🇱 185.223.235.3

🇲🇴 182.93.7.194

🇺🇸 162.216.149.155

🇮🇩 124.40.252.3

🇲🇾 49.124.148.207

🇺🇸 216.25.89.83

🇬🇧 195.206.182.208

🇩🇪 164.92.226.6

🇫🇮 147.185.133.247

🇨🇦 138.197.171.40

🇮🇩 125.163.211.87

🇺🇸 107.172.9.154

🇸🇬 47.128.58.99

🇩🇪 45.130.202.23

🇳🇱 45.128.199.20

🇺🇦 45.11.57.172

🇺🇸 20.65.195.23

🇨🇳 8.138.156.180

🇩🇪 213.209.159.56