JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.125

104.207.57.125 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.125

Whois 104.207.57.125

IP Abuse Reports for 104.207.57.125:

This IP address has been reported a total of 140 times from 26 distinct sources. 104.207.57.125 was first reported on June 20th 2024, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 [email protected]	2026-06-10 15:51:20 (6 days ago)	[Wed Jun 10 17:51:09.070069 2026] [authz_core:error] [pid 2201488:tid 2201570] [remote 104.207.57.12 ... show more [Wed Jun 10 17:51:09.070069 2026] [authz_core:error] [pid 2201488:tid 2201570] [remote 104.207.57.125:36299] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php show less	Brute-Force Web App Attack
🇩🇪 4server	2026-04-13 17:55:53 (2 months ago)	[MonApr1319:55:26.0964992026][security2:error][pid1311240:tid1311369][client104.207.57.125:0]ModSecu ... show more [MonApr1319:55:26.0964992026][security2:error][pid1311240:tid1311369][client104.207.57.125:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\\|wget\\|python\\|nikto\\|sqlmap\\|acunetix\\|fimap\\|dirbuster\\|cmsmap\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"195\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"studio-portale.ch\"][uri\"/.env\"][unique_id\"ad0uDr0jYYDc4rXD3HtIJwAAAJI\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 masterguru	2026-03-28 10:25:24 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.57.125 (DE/Germany/-): 1 in the last 3 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.57.125 (DE/Germany/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇺🇸 mnsf	2026-02-16 01:05:28 (4 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:53 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:37:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:37:23.967466 2026] [security2:error] [pid 26416:tid 26416] [client 104.207.57.125:17875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taylorandatlantic.net"] [uri "/admin/.env"] [unique_id "aZGv8yK45qd1uxLcwLlwCQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:12:16 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:12:13.233022 2026] [security2:error] [pid 18023:tid 18023] [client 104.207.57.125:40391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sunshinenv.com"] [uri "/frontend/.env"] [unique_id "aZFVrUztbWC4FdtSE4f9AwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:46.179379 2026] [security2:error] [pid 314087:tid 314110] [client 104.207.57.125:34591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stonyp.com"] [uri "/wp/.git/config"] [unique_id "aZFGVuYxiADdM-D-ZqVJjgAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 03:41:00 (4 months ago)	Try to access /wp/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:34:26 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:34:21.158267 2026] [security2:error] [pid 22104:tid 22121] [client 104.207.57.125:11223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steedtimber.com"] [uri "/.env.save"] [unique_id "aZE-vZdbqspsQW1awXA4LgAAAUo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:12:18 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:12:11.483709 2026] [security2:error] [pid 32699:tid 32699] [client 104.207.57.125:35411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stananddana.com"] [uri "/app/.env"] [unique_id "aZE5ixCjOysXbAe3v362XQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:56:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:56:53.108368 2026] [security2:error] [pid 19312:tid 19312] [client 104.207.57.125:43025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "srippy.com"] [uri "/.git/config"] [unique_id "aZE19RqHWxEqXAhYtbms0wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:46:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:46:50.555539 2026] [security2:error] [pid 21507:tid 21507] [client 104.207.57.125:23395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mplsmedia.com"] [uri "/v2/.git/config"] [unique_id "aZEXev9CkPrrAs2TiuYVEQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:08:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:08:33.755046 2026] [security2:error] [pid 10617:tid 10617] [client 104.207.57.125:31663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lordhari.com"] [uri "/api/.env"] [unique_id "aZEOgZYfWS208UGur_GhIgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 00:05:50 (4 months ago)	Scanning/Probing (26)	Brute-Force Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.242.226.33

🇨🇳 175.43.163.206

🇪🇬 154.177.234.218

🇨🇳 122.200.86.179

🇰🇷 121.1.80.17

🇳🇱 91.92.42.155

🇳🇱 91.92.42.19

🇳🇱 81.19.216.109

🇳🇱 81.19.216.92

🇳🇱 81.19.216.73

🇩🇪 79.228.1.107

🇩🇪 69.5.169.40

🇺🇸 64.62.156.43

🇭🇰 43.132.227.251

🇺🇸 20.168.111.82

🇮🇩 2402:8780:1014:807f:5905:12fb:310e:97e0

🇩🇪 213.209.159.238

🇺🇸 190.111.160.239

🇺🇸 162.216.149.118

🇵🇹 161.230.217.176