JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.143

104.207.57.143 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 62%: ?

62%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.143

Whois 104.207.57.143

IP Abuse Reports for 104.207.57.143:

This IP address has been reported a total of 148 times from 26 distinct sources. 104.207.57.143 was first reported on June 11th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 abuse-detection	2026-06-22 16:15:09 (1 day ago)	Web security detection (http-wordpress-auth-probes); path=/wp-login.php; status=301	Brute-Force Web App Attack
🇫🇷 pm33	2026-06-21 04:25:05 (2 days ago)	Wordpress login attempts	Brute-Force
🇲🇽 octageeks.com	2026-06-20 04:16:03 (3 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 georgengelmann	2026-06-19 04:30:09 (4 days ago)	Failed login attempt for admin	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-06-17 22:55:12 (5 days ago)	IM360 WAF: Prohibited WordPress username login/registration	Web App Attack
Anonymous	2026-06-17 16:55:00 (6 days ago)	2026-06-17T18:55:00.750800+02:00 zanati wp(sahpa.co.za)[2548746]: Blocked authentication attempt for ... show more 2026-06-17T18:55:00.750800+02:00 zanati wp(sahpa.co.za)[2548746]: Blocked authentication attempt for administrator from 104.207.57.143 ... show less	Web App Attack
Anonymous	2026-06-16 23:09:01 (6 days ago)	[osotir.org] httpd-login-spray-site: sites=ear-books.com; logs=/var/log/httpd/domains/ear-books.com. ... show more [osotir.org] httpd-login-spray-site: sites=ear-books.com; logs=/var/log/httpd/domains/ear-books.com.log; samples=site_wide=true \| distinct_ips=33 \| /wp-login.php show less	Hacking Web App Attack
🇩🇪 london2038.com	2026-06-16 01:16:57 (1 week ago)	Attacking WordPress 104.207.57.143 - - [16/Jun/2026:03:16:55 +0200] "POST /wp-login.php HTTP/1.1" 50 ... show more Attacking WordPress 104.207.57.143 - - [16/Jun/2026:03:16:55 +0200] "POST /wp-login.php HTTP/1.1" 503 19309 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇫🇷 solution.it	2026-06-13 20:48:49 (1 week ago)	[Sat Jun 13 22:48:48.514168 2026] [php7:error] [pid 3426700:tid 3426700] [client 104.207.57.143:1146 ... show more [Sat Jun 13 22:48:48.514168 2026] [php7:error] [pid 3426700:tid 3426700] [client 104.207.57.143:11467] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat, referer: https://blog.solution.it/wp-login.php show less	Web App Attack
🇬🇷 setupgr	2026-06-13 10:10:38 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.57.143: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.57.143: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 13:10:37.040384 2026] [security2:error] [pid 705244:tid 705394] [client 104.207.57.143:24221] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.setworldup.com"] [uri "/wp-login.php"] [unique_id "ai0sncJfU53COhMBEC1_-wAAAFQ"], referer: https://mail.setworldup.com/wp-login.php show less	Port Scan
🇩🇪 4server	2026-06-13 05:19:23 (1 week ago)	[SatJun1307:19:18.1541472026][security2:error][pid617806:tid617917][client104.207.57.143:0]ModSecuri ... show more [SatJun1307:19:18.1541472026][security2:error][pid617806:tid617917][client104.207.57.143:0]ModSecurity:Accessdeniedwithcode403$phase1$.Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"beyondsecurity.ch\"][uri\"/xmlrpc.php\"][unique_id\"aizoVrOcqtdYqr_XwT8ZRgAAARc\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-12 19:13:15 (1 week ago)	(y4) Failed scan -byebye- from 104.207.57.143 (DE/Germany/-): (CF_ENABLE)	Hacking
🇬🇷 setupgr	2026-06-12 00:57:51 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.57.143: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.57.143: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 03:57:50.338369 2026] [security2:error] [pid 53054:tid 53087] [client 104.207.57.143:11031] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: tavernadimitris.com"] [severity "CRITICAL"] [tag "security"] [hostname "tavernadimitris.com"] [uri "/wp-login.php"] [unique_id "aitZjun8ZOKItT2VFMooBQAAAUY"], referer: https://tavernadimitris.com/wp-login.php show less	Port Scan
Anonymous	2025-12-21 12:50:42 (6 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 19:40:11 (6 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.12.19 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 144.48.6.26

🇺🇸 34.86.173.47

🇨🇳 14.103.107.214

🇹🇷 2.56.248.186

🇯🇵 118.17.6.138

🇸🇪 79.136.8.69

🇱🇹 77.90.185.79

🇲🇾 47.250.93.212

🇭🇰 43.155.72.127

🇰🇿 31.132.90.3

🇹🇷 31.58.249.131

🇹🇷 213.218.251.223

🇨🇴 186.148.178.214

🇹🇭 180.180.120.123

🇭🇰 156.226.176.91

🇨🇳 123.188.126.60

🇺🇸 66.132.186.177

🇹🇷 2.56.248.4

🇲🇽 187.213.158.135

🇹🇷 87.76.135.61