JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.232

104.207.43.232 was found in our database!

This IP was reported 159 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.232

Whois 104.207.43.232

IP Abuse Reports for 104.207.43.232:

This IP address has been reported a total of 159 times from 21 distinct sources. 104.207.43.232 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ParaBug	2026-05-15 22:38:58 (3 weeks ago)	104.207.43.232 - - [16/May/2026:00:38:57 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.git/HEA ... show more 104.207.43.232 - - [16/May/2026:00:38:57 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.git/HEAD HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Phishing Brute-Force Web App Attack
🇬🇧 Oakley	2026-04-13 21:31:14 (1 month ago)	(antiscrape_rule) Web application abuse detected 104.207.43.232 (US/United States/-): 5 in the last ... show more (antiscrape_rule) Web application abuse detected 104.207.43.232 (US/United States/-): 5 in the last 900 secs show less	Hacking
🇫🇷 masterguru	2026-04-06 01:58:09 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.43.232 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.43.232 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 masterguru	2026-04-06 00:47:07 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.43.232 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.43.232 (US/United States/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-04-02 06:42:00 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.43.232 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.43.232 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇱🇻 garmtech.com	2026-03-27 11:08:18 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇱🇻 garmtech.com	2026-03-23 09:54:46 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇪🇸 librebit	2026-03-14 06:30:18 (2 months ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2026-02-11 17:08:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:08:21.887328 2026] [security2:error] [pid 12630:tid 12630] [client 104.207.43.232:23359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquascapes.net"] [uri "/backend/.env"] [unique_id "aYy3hWX8wL8UdUcITa0PxQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 22:59:31 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 17:27:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:27:32.801228 2026] [security2:error] [pid 27023:tid 27023] [client 104.207.43.232:37325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anythingsoldworldwide.com"] [uri "/backend/.env"] [unique_id "aYtqhDdnSzJ9sMAbnks8dwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:55:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:55:31.213267 2026] [security2:error] [pid 17110:tid 17110] [client 104.207.43.232:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antitribu.com"] [uri "/.git/config"] [unique_id "aYtU8w9z3NBd0G6K26c4mAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ReporTR	2026-02-10 09:39:36 (3 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-modsecurity'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:53:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:53:29.202841 2026] [security2:error] [pid 2742859:tid 2742859] [client 104.207.43.232:17305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kittencream.com"] [uri "/site/.git/config"] [unique_id "aYqrubwmhfmyVGkDOJhB_QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:01:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:01:40.909195 2026] [security2:error] [pid 13335:tid 13335] [client 104.207.43.232:43107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/dev/.git/config"] [unique_id "aYqRhFsbP_T7eERlgbjHcwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 159 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 217.146.80.118

🇭🇰 119.246.15.94

🇭🇰 101.36.106.78

🇧🇴 200.58.84.96

🇯🇴 176.29.160.217

🇺🇸 152.32.207.42

🇮🇩 103.191.14.210

🇮🇹 81.57.15.243

🇷🇺 37.228.92.87

🇧🇪 34.38.174.36

🇺🇸 20.65.138.97

🇨🇳 223.221.38.226

🇨🇳 218.78.141.61

🇧🇪 198.235.24.214

🇦🇺 172.68.210.138

🇻🇳 152.32.162.42

🇹🇭 150.95.82.21

🇮🇳 122.187.230.187

🇷🇴 80.94.92.168

🇦🇱 79.106.166.54