JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.235

104.207.43.235 was found in our database!

This IP was reported 169 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.235

Whois 104.207.43.235

IP Abuse Reports for 104.207.43.235:

This IP address has been reported a total of 169 times from 32 distinct sources. 104.207.43.235 was first reported on June 7th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-03 06:08:38 (3 days ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.43.235 (US/United States/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.207.43.235 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇪🇸 librebit	2026-05-17 03:57:42 (2 weeks ago)	Brute force	Brute-Force
Anonymous	2026-04-05 02:13:13 (2 months ago)	Forum/form spam	Web Spam
🇦🇺 2000cn.com.au	2026-02-11 21:04:43 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 17:34:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:34:47.647196 2026] [security2:error] [pid 8909:tid 8909] [client 104.207.43.235:32969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anywheregarden.com"] [uri "/backup/.git/config"] [unique_id "aYtsNxok-VC7Q1qfk6eLbAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:54:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:54:44.890430 2026] [security2:error] [pid 12504:tid 12504] [client 104.207.43.235:26075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antiterrorismbooks.net"] [uri "/.env.production"] [unique_id "aYtUxMDsLUUP9EdPcyWVRAAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:01:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:01:19.347806 2026] [security2:error] [pid 16697:tid 16697] [client 104.207.43.235:49761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koidivision.com"] [uri "/site/.git/config"] [unique_id "aYrJr6ttYXNna-yfbQZQDgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:17:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:17:36.095397 2026] [security2:error] [pid 16003:tid 16003] [client 104.207.43.235:45323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magusniche.com"] [uri "/app/.git/config"] [unique_id "aYq_cFYqFhH1TJZReMxP2QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:45:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:45:22.489841 2026] [security2:error] [pid 12808:tid 12814] [client 104.207.43.235:63207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idealcentralvac.com"] [uri "/admin/.env"] [unique_id "aYq34itDVRwtbLhRmDQIJwAAAUQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:42:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:42:10.324405 2026] [security2:error] [pid 18179:tid 18179] [client 104.207.43.235:38107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibermar.info"] [uri "/test/.git/config"] [unique_id "aYqpEkKdv_xTaKe4lQ8q2QAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:06:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:06:36.838444 2026] [security2:error] [pid 9564:tid 9564] [client 104.207.43.235:16627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingstoneproperties.com"] [uri "/admin/.git/config"] [unique_id "aYqgvIsF4fnMsWGwcvuz0AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 23:37:30 (3 months ago)	Blocking for trying to access an exploit file: /api/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 22:55:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:55:37.638539 2026] [security2:error] [pid 1570:tid 1596] [client 104.207.43.235:48643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howiek.com"] [uri "/api/.env"] [unique_id "aYpl6XeVpx3S5SN-NSqeKAAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:40:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:40:31.481985 2026] [security2:error] [pid 11634:tid 11634] [client 104.207.43.235:27173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "macryder.com"] [uri "/app/.git/config"] [unique_id "aYpiXz4WEz7PgUkr7OAUdAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-09 21:26:34 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 169 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.0.214.136

🇺🇸 167.89.3.71

🇺🇸 165.154.254.143

🇺🇸 162.216.149.13

🇸🇬 162.158.88.127

🇨🇦 154.3.163.26

🇺🇸 99.92.204.98

🇳🇱 45.148.10.157

🇬🇧 35.203.210.196

🇨🇳 14.103.34.138

🇨🇳 218.21.250.151

🇺🇸 207.90.244.12

🇧🇷 205.210.31.219

🇺🇸 205.210.31.73

🇳🇱 204.76.203.81

🇭🇰 203.198.173.137

🇨🇳 182.150.58.250

🇸🇬 162.158.88.170

🇵🇭 136.158.102.13

🇳🇱 85.121.127.124