JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.18

104.207.43.18 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.18

Whois 104.207.43.18

IP Abuse Reports for 104.207.43.18:

This IP address has been reported a total of 121 times from 29 distinct sources. 104.207.43.18 was first reported on June 6th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 anycast_ac	2026-06-18 14:47:55 (5 days ago)	[DDoS Attacker] This IP was attacking website anycast.ac and sent 534 requests on port 443	DDoS Attack Web App Attack
🇺🇸 mnsf	2026-06-11 00:06:17 (1 week ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇳🇱 MatStef132	2026-05-19 21:05:47 (1 month ago)	MatShield L7: blocked on anonymous (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:59:02 (1 month ago)	MatShield L7: blocked on dstat.selify.io (click-id-direct-nav)	DDoS Attack
🇫🇷 MatStef132	2026-05-19 20:55:41 (1 month ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-15 15:39:09 (1 month ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:37 (1 month ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 10dencehispahard SL	2026-01-28 07:56:10 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇨🇭 backslash	2026-01-24 21:30:04 (4 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-09 23:59:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 18:59:27.489903 2025] [security2:error] [pid 2085:tid 2085] [client 104.207.43.18:49783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dungeonsremastered.com"] [uri "/.env"] [unique_id "aTi338LGHtXQZJ7Xs78_bQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:57:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:56:56.613244 2025] [security2:error] [pid 9245:tid 9245] [client 104.207.43.18:57103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-italy.com"] [uri "/.env"] [unique_id "aTfyaOHakfbRFea5T6kABgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:48:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:48:06.106652 2025] [security2:error] [pid 22439:tid 22439] [client 104.207.43.18:55923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keithwatt.org"] [uri "/.svn/wc.db"] [unique_id "aTWFloPdyeeVJGdJ29DsYAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 13:01:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:01:00.179725 2025] [security2:error] [pid 2690:tid 2690] [client 104.207.43.18:57163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "efhgtc.org"] [uri "/.env"] [unique_id "aTV6jL_lpJ8r_Z0pb3p_NwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 03:16:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 22:16:10.588036 2025] [security2:error] [pid 8237:tid 8237] [client 104.207.43.18:42311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khodel.info"] [uri "/.env"] [unique_id "aTOf-h1KjaXvqbfo16ROWwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.181

🇺🇸 151.240.59.62

🇫🇮 104.245.241.164

🇭🇰 101.36.119.146

🇺🇸 91.203.130.56

🇨🇱 64.176.12.40

🇳🇱 45.148.10.141

🇺🇸 44.76.37.144

🇨🇳 42.123.123.238

🇰🇷 211.178.165.251

🇺🇸 165.154.182.174

🇺🇸 157.55.39.14

🇸🇬 145.223.131.39

🇰🇷 123.58.200.147

🇺🇸 103.69.158.115

🇺🇸 66.132.195.26

🇸🇬 47.128.120.182

🇺🇸 44.134.194.13

🇸🇬 43.172.198.67

🇨🇳 36.106.166.93