JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.55

104.207.43.55 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 53%: ?

53%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.55

Whois 104.207.43.55

IP Abuse Reports for 104.207.43.55:

This IP address has been reported a total of 135 times from 23 distinct sources. 104.207.43.55 was first reported on June 4th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇷 setupgr	2026-06-23 21:53:27 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 104.207.43.55 (US/United States/Virginia/Ashbur ... show more (mod_security) mod_security (id:900001) triggered by 104.207.43.55 (US/United States/Virginia/Ashburn/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 00:53:23.139636 2026] [security2:error] [pid 2455:tid 2578] [client 104.207.43.55:54633] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: fashionfragonard.gr"] [severity "CRITICAL"] [tag "security"] [hostname "fashionfragonard.gr"] [uri "/wp-login.php"] [unique_id "ajsAU-uoNgD1zFMGh7QRNQAAARE"], referer: https://fashionfragonard.gr/wp-login.php show less	Port Scan
🇩🇪 Spiderpiggy	2026-06-23 17:15:49 (2 days ago)	Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoi ... show more Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoint: /wp-login.php show less	Brute-Force Bad Web Bot SSH
🇨🇭 4server	2026-06-22 09:01:28 (4 days ago)	[MonJun2211:01:25.6842012026][security2:error][pid187522:tid187967][client104.207.43.55:0]ModSecurit ... show more [MonJun2211:01:25.6842012026][security2:error][pid187522:tid187967][client104.207.43.55:0]ModSecurity:Accessdeniedwithcode403$phase1$.Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"edomustech.com\"][uri\"/xmlrpc.php\"][unique_id\"ajj55XQlVYEaVWZAx9tZIwAAARc\"]\,referer:https://www.facebook.com/ show less	Hacking Web App Attack
🇦🇺 HJ5Ss4Ju	2026-06-18 05:08:32 (1 week ago)	Blocked by Wordfence (SID 6)	Web App Attack
Anonymous	2026-06-17 07:20:16 (1 week ago)	Web attack blocked by Wordfence on kernoverlegsibbe-ijzeren.nl (1 hit). Reported by CRMON.	Web App Attack
🇺🇸 lostswordfish.com	2026-06-15 10:20:06 (1 week ago)	Wordfence waf block on fypeducation	Web App Attack
🇫🇷 ELYAZ	2026-06-14 17:27:49 (1 week ago)	(y4) Failed scan -byebye- from 104.207.43.55 (US/United States/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-12 14:31:23 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.43.55: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 104.207.43.55: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 17:31:22.149301 2026] [security2:error] [pid 326651:tid 326689] [client 104.207.43.55:26353] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.doityourself.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.doityourself.gr"] [uri "/wp-login.php"] [unique_id "aiwYOukQFV9sMirggevKdAAAAAI"], referer: https://mail.doityourself.gr/wp-login.php show less	Port Scan
🇲🇹 Malta	2026-06-11 22:54:46 (2 weeks ago)	104.207.43.55 - - [12/Jun/2026:00:54:46 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 104.207.43.55 - - [12/Jun/2026:00:54:46 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-06-11 08:09:25 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇲🇽 octageeks.com	2026-06-11 04:21:03 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇹 Malta	2026-06-10 11:22:17 (2 weeks ago)	104.207.43.55 - - [10/Jun/2026:13:22:17 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 104.207.43.55 - - [10/Jun/2026:13:22:17 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇪🇸 librebit	2026-06-01 01:14:59 (3 weeks ago)	Brute force	Brute-Force
🇱🇻 garmtech.com	2026-02-07 02:42:51 (4 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-42.104.207.43.55.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-42.104.207.43.55.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 02:04:34 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.43.55 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.43.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 21:04:30.694118 2025] [security2:error] [pid 1182:tid 1182] [client 104.207.43.55:36269] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.gapanda.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.gapanda.com"] [uri "/php-old.ini"] [unique_id "aVHhrqKYH2MAh0n5zEQ9pgAAAAM"], referer: http://www.gapanda.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 202.39.153.245

🇧🇪 198.235.24.161

🇮🇶 194.49.87.68

🇺🇸 192.0.101.192

🇺🇸 173.239.213.4

🇫🇮 147.185.133.255

🇮🇩 202.152.201.166

🇧🇷 186.248.197.77

🇨🇳 110.43.37.72

🇮🇳 103.108.4.42

🇭🇺 89.148.92.242

🇬🇧 31.14.254.42

🇲🇽 187.249.105.226

🇺🇸 172.172.170.199

🇮🇶 169.224.105.51

🇵🇰 139.135.46.57

🇺🇸 134.195.152.230

🇨🇳 111.198.221.98

🇺🇸 47.252.81.253

🇷🇺 46.42.2.115