JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.127

104.207.43.127 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.127

Whois 104.207.43.127

IP Abuse Reports for 104.207.43.127:

This IP address has been reported a total of 147 times from 21 distinct sources. 104.207.43.127 was first reported on June 6th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-11 01:52:13 (1 day ago)	Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ... show more Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-13 09:20:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:20:00.505789 2026] [security2:error] [pid 6078:tid 6078] [client 104.207.43.127:16185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lanistandifer.com"] [uri "/wp/.git/config"] [unique_id "aY7swCW5XHaaKpda9_TaPgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:05:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:05:26.694871 2026] [security2:error] [pid 23230:tid 23345] [client 104.207.43.127:41149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "la.productions"] [uri "/.env.staging"] [unique_id "aY7bRk0qaNF2Fp_hMVdPtgAAAdg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:04:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:03:57.480186 2026] [security2:error] [pid 23139:tid 23139] [client 104.207.43.127:61981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ktnwassociatesinc.com"] [uri "/.env"] [unique_id "aY7M3cebBrvDZW64EMhYdwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-02-13 06:55:03 (3 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:31:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:31:46.601069 2026] [security2:error] [pid 32042:tid 32042] [client 104.207.43.127:29525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krankybitchguitars.com"] [uri "/.env.local"] [unique_id "aY7FUs-MHNXYge3UsCKqPAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:59:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:59:42.075073 2026] [security2:error] [pid 2631786:tid 2631786] [client 104.207.43.127:43361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "klfreeman.com"] [uri "/app/.git/config"] [unique_id "aY6vvtjOo_UJRHnjuMMwVgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:08:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:08:44.156368 2026] [security2:error] [pid 24265:tid 24265] [client 104.207.43.127:10963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingmanrents.com"] [uri "/.env.save"] [unique_id "aY6jzHyAS27OV0Vm_-rh5gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mario Silber	2026-02-13 04:05:00 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.43.127 (US/United States/-)	SQL Injection
🇺🇸 mnsf	2026-02-13 02:06:45 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:25:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:25:10.812417 2026] [security2:error] [pid 5050:tid 5050] [client 104.207.43.127:48003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karyaenigma.com"] [uri "/.env"] [unique_id "aY59dugHXbWcK9OfzvUQlgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:35:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:35:25.762432 2026] [security2:error] [pid 12512:tid 12520] [client 104.207.43.127:57497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "forestancestry.com"] [uri "/.git/config"] [unique_id "aY4rfaxu_oWFPIjaxClhBgAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:44:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:44:09.196404 2026] [security2:error] [pid 22950:tid 22950] [client 104.207.43.127:27051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackstarmgmt.com"] [uri "/.env"] [unique_id "aY4RaYzruiinXSNbuLiLjgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:27:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:26:59.162894 2026] [security2:error] [pid 10048:tid 10048] [client 104.207.43.127:23027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arofish.us"] [uri "/.env"] [unique_id "aY3_U9LUdk-gscoHQaHfcwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:05:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:05:38.637299 2026] [security2:error] [pid 20257:tid 20257] [client 104.207.43.127:53271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boblog111.com"] [uri "/.git/config"] [unique_id "aY36Uh40UfxDi46BBDO46wAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 93.152.208.26

🇰🇭 203.147.140.70

🇷🇺 193.233.230.3

🇬🇧 188.240.59.15

🇧🇬 185.255.215.103

🇦🇷 179.40.112.10

🇺🇸 162.216.150.69

🇫🇷 94.23.12.112

🇺🇸 91.230.168.207

🇷🇴 80.94.92.167

🇰🇷 58.224.62.29

🇮🇩 41.216.177.55

🇧🇴 190.181.44.194

🇨🇿 185.91.116.105

🇺🇸 170.106.108.33

🇺🇸 162.216.150.104

🇫🇮 147.185.133.175

🇫🇮 147.185.133.100

🇫🇷 91.196.152.33

🇹🇭 61.19.114.132