JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.43.59

104.207.43.59 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.43.59

Whois 104.207.43.59

IP Abuse Reports for 104.207.43.59:

This IP address has been reported a total of 140 times from 18 distinct sources. 104.207.43.59 was first reported on June 7th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 06:47:21 (1 month ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-10 14:00:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 09:00:06.479597 2025] [security2:error] [pid 26686:tid 26686] [client 104.207.43.59:29479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raritymountainadventures.com"] [uri "/.svn/wc.db"] [unique_id "aTl85rZM5qUK_iyibbTmdgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:32:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:32:09.297775 2025] [security2:error] [pid 25303:tid 25303] [client 104.207.43.59:14935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "unitedwestandent.org"] [uri "/.svn/wc.db"] [unique_id "aTWd-ZzqOdC6mAqVPBJNUwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 14:39:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 09:38:55.357229 2025] [security2:error] [pid 30549:tid 30549] [client 104.207.43.59:19589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pozzolan.org"] [uri "/.svn/wc.db"] [unique_id "aTWRf5EKqEtIkrBsxXz1wwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 12:13:18 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:13:14.374329 2025] [security2:error] [pid 25881:tid 25912] [client 104.207.43.59:40419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "annybelle.org"] [uri "/.git/HEAD"] [unique_id "aTVvWhSlw-e-UZebRyq7OwAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:27:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:27:42.779112 2025] [security2:error] [pid 3800:tid 3800] [client 104.207.43.59:9817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.stoutmen.com"] [uri "/.svn/wc.db"] [unique_id "aSQlDrTYN6fatcbZlskf-QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:52:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:51:43.769386 2025] [security2:error] [pid 28752:tid 28752] [client 104.207.43.59:39903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dezignz.com"] [uri "/.svn/wc.db"] [unique_id "aSQOj7_IJAwuqprJUYSn5wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:01:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:01:16.008384 2025] [security2:error] [pid 5606:tid 5606] [client 104.207.43.59:13939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.herrell.net"] [uri "/.svn/wc.db"] [unique_id "aSQCvICpBRGXAD6md7gFMgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:53:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:53:16.094791 2025] [security2:error] [pid 18193:tid 18262] [client 104.207.43.59:32769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.stridemechanics.com"] [uri "/.svn/wc.db"] [unique_id "aSPkvJqABul9tZzps9kemwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:28:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:28:21.735888 2025] [security2:error] [pid 4182:tid 4182] [client 104.207.43.59:40411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.amywoodruff.com"] [uri "/.svn/wc.db"] [unique_id "aSPe5aGGbFfgRr1Kr9sQ-QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 04:00:59 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
Anonymous	2025-11-16 21:42:59 (7 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.11.16 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-15 18:45:38 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.43.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 13:45:34.281983 2025] [security2:error] [pid 31998:tid 31998] [client 104.207.43.59:44735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wildimaginings.org"] [uri "/.env"] [unique_id "aRjKTtkSA85gzA1csk_lJgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 06:02:13 (7 months ago)	Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.14 is noted in report ti ... show more Attempted brute force login to web vpn 24 time(s); last attempt for 2025.11.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-14 05:14:25 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 64.39.106.19

🇧🇷 45.161.29.204

🇩🇪 43.165.62.10

🇧🇷 20.206.88.164

🇫🇮 172.253.83.218

🇭🇰 152.32.209.166

🇮🇳 80.65.208.120

🇺🇸 40.77.179.97

🇹🇼 198.235.24.50

🇧🇷 189.52.52.162

🇳🇱 176.65.149.230

🇩🇪 155.117.234.80

🇺🇸 24.144.84.83

🇻🇳 14.248.83.33

🇰🇷 1.247.245.61

🇻🇪 190.205.21.145

🇮🇷 93.110.62.37

🇳🇱 85.11.167.109

🇮🇪 65.52.75.227

🇨🇳 60.205.223.197