JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.157

104.207.43.157 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.157

Whois 104.207.43.157

IP Abuse Reports for 104.207.43.157:

This IP address has been reported a total of 137 times from 16 distinct sources. 104.207.43.157 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 4server	2026-04-27 14:37:42 (1 month ago)	[MonApr2716:37:36.3489512026][security2:error][pid4112744:tid4112969][client104.207.43.157:0]ModSecu ... show more [MonApr2716:37:36.3489512026][security2:error][pid4112744:tid4112969][client104.207.43.157:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.hostingedominio.com\"][uri\"/.aws/credentials\"][unique_id\"ae90sLRJvSp3i6uNQGpzQAAAAQQ\"] show less	Hacking Web App Attack
Anonymous	2026-03-20 11:05:35 (2 months ago)	Forum/form spam	Web Spam
🇵🇹 Information Security	2026-03-20 02:14:34 (2 months ago)	Web App Attack	Web App Attack
Anonymous	2026-01-26 12:49:42 (4 months ago)	104.207.43.157 - - [26/Jan/2026:13:49:36 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 ... show more 104.207.43.157 - - [26/Jan/2026:13:49:36 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" ... show less	Web App Attack
🇨🇭 backslash	2025-12-02 21:40:08 (6 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-02 20:59:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:59:37.997756 2025] [security2:error] [pid 14717:tid 14717] [client 104.207.43.157:56523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weddingcocktailnapkins.com"] [uri "/.svn/wc.db"] [unique_id "aS9TOfrzGom4yRAZu_MVbgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:53:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:53:21.748038 2025] [security2:error] [pid 6944:tid 6944] [client 104.207.43.157:44823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newmooncafe.com"] [uri "/.git/HEAD"] [unique_id "aS9DsSmHvR54-apU5HWLlwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:36:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:36:24.394562 2025] [security2:error] [pid 376:tid 376] [client 104.207.43.157:29559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stoveclockrepair.com"] [uri "/.git/HEAD"] [unique_id "aS8_uOZhTxvDzsSp_AVbYAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 17:47:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 12:47:08.083362 2025] [security2:error] [pid 19237:tid 19237] [client 104.207.43.157:37513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigheartskitchen.com"] [uri "/.svn/wc.db"] [unique_id "aS8mHNlOADUfCYYemTjVtwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 12:07:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 07:07:01.505451 2025] [security2:error] [pid 28178:tid 28178] [client 104.207.43.157:34339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tempsetters.com"] [uri "/.svn/wc.db"] [unique_id "aS7WZXd0itmFzPJC4mDu9AAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-02 07:19:25 (6 months ago)	botnet	DDoS Attack
🇦🇺 2000cn.com.au	2025-12-02 00:50:43 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
Anonymous	2025-11-14 04:22:21 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 fbarela	2025-11-07 23:01:23 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
Anonymous	2025-10-17 15:37:36 (7 months ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.10.17 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.52.110.144

🇮🇳 168.220.237.171

🇺🇸 165.154.206.246

🇱🇹 81.30.98.44

🇳🇱 45.148.10.151

🇩🇪 43.228.157.10

🇱🇹 194.165.16.166

🇷🇴 193.176.85.112

🇬🇧 185.216.145.164

🇱🇹 185.5.53.154

🇮🇩 163.7.3.154

🇻🇳 156.229.22.183

🇫🇮 147.185.133.184

🇨🇳 124.164.251.88

🇮🇳 122.183.50.219

🇺🇸 85.208.96.210

🇬🇧 82.19.12.103

🇫🇷 62.210.142.161

🇸🇬 47.82.15.210

🇵🇰 45.194.15.80