JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.40

104.207.43.40 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.40

Whois 104.207.43.40

IP Abuse Reports for 104.207.43.40:

This IP address has been reported a total of 177 times from 29 distinct sources. 104.207.43.40 was first reported on June 22nd 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 ParaBug	2026-05-29 16:27:27 (1 week ago)	104.207.43.40 - - [29/May/2026:18:27:26 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/cred ... show more 104.207.43.40 - - [29/May/2026:18:27:26 +0200] "GET http://51-15-23-24.rev.poneytelecom.eu/.aws/credentials HTTP/1.1" 403 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" ... show less	Phishing Brute-Force Web App Attack
🇦🇺 oncord	2026-05-17 11:50:17 (3 weeks ago)	Form spam	Web Spam
🇬🇧 PeravixGroup	2026-05-07 11:55:01 (1 month ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 oncord	2026-04-20 15:15:40 (1 month ago)	Form spam	Web Spam
🇦🇺 oncord	2026-04-12 00:18:37 (1 month ago)	Form spam	Web Spam
🇦🇺 oncord	2026-04-10 21:16:19 (1 month ago)	Form spam	Web Spam
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇦🇺 oncord	2026-03-15 22:33:42 (2 months ago)	Form spam	Web Spam
🇺🇸 oncord	2026-03-10 02:00:16 (3 months ago)	Form spam	Web Spam
🇱🇻 garmtech.com	2026-03-01 01:29:04 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-29.104.207.43.40.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-29.104.207.43.40.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:42:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:42:45.919959 2026] [security2:error] [pid 2981063:tid 2981063] [client 104.207.43.40:35061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindchill.net"] [uri "/backup/.git/config"] [unique_id "aY8qVa6cMnrQk8QMveKgTgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-02-13 06:50:10 (3 months ago)	Probing websites for vulnerabilities	SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:38:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:38:03.156222 2026] [security2:error] [pid 1957274:tid 1957311] [client 104.207.43.40:61203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maxelon.com"] [uri "/new/.git/config"] [unique_id "aY64uzfMF1PpzQkxSxrFGAAAAJc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:55:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:55:15.796472 2026] [security2:error] [pid 2457149:tid 2457149] [client 104.207.43.40:54057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "majersigns.com"] [uri "/.env.production"] [unique_id "aY6Eg1dY4gvJ52dLjJFZQwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:01:09 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 178.16.54.88

🇸🇬 129.212.237.224

🇺🇸 156.239.253.250

🇭🇰 122.10.115.18

🇿🇦 105.226.8.83

🇺🇸 13.67.236.135

🇪🇹 196.188.188.183

🇧🇷 170.80.65.140

🇨🇳 123.145.22.47

🇨🇳 111.113.89.21

🇳🇱 109.236.86.20

🇲🇦 105.156.28.117

🇺🇸 98.159.233.139

🇫🇷 85.217.140.12

🇳🇱 45.148.10.157

🇳🇱 45.148.10.67

🇺🇸 24.253.6.91

🇺🇸 20.57.18.177

🇷🇺 178.76.240.252

🇩🇿 154.242.154.4