JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.167

104.207.57.167 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 31%: ?

31%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.167

Whois 104.207.57.167

IP Abuse Reports for 104.207.57.167:

This IP address has been reported a total of 133 times from 22 distinct sources. 104.207.57.167 was first reported on June 5th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-03 11:50:33 (2 days ago)	(y4) Failed scan -byebye- from 104.207.57.167 (DE/Germany/-): (CF_ENABLE)	Hacking
🇲🇹 Malta	2026-06-02 16:15:17 (2 days ago)	104.207.57.167 - - [02/Jun/2026:18:15:17 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ... show more 104.207.57.167 - - [02/Jun/2026:18:15:17 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 FeG Deutschland	2026-05-27 08:54:44 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 lostswordfish.com	2026-05-27 08:30:05 (1 week ago)	Wordfence waf block on taussigtravel	Web App Attack
🇱🇻 garmtech.com	2026-05-04 20:53:17 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-53.104.207.57.167.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-53.104.207.57.167.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:45:37 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-01-24 10:13:22 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.57.167 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 104.207.57.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 24 05:13:17.152259 2026] [security2:error] [pid 12417:tid 12417] [client 104.207.57.167:18971] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|havelocktruckandauto.ca\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "havelocktruckandauto.ca"] [uri "/2018.db"] [unique_id "aXSbPe4apyyJTj2rISH_OAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-03 13:41:30 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report timestamp show less	Hacking Brute-Force
🇬🇧 relianoid.com	2026-01-01 17:49:50 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 relianoid.com	2025-12-24 03:14:59 (5 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-10-22 19:37:43 (7 months ago)	2025-10-22T21:37:40.483278 localhost.localdomain sshd[833310]: pam_unix(sshd:auth): authentication f ... show more 2025-10-22T21:37:40.483278 localhost.localdomain sshd[833310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.207.57.167 2025-10-22T21:37:42.283373 localhost.localdomain sshd[833310]: Failed password for invalid user [email protected] from 104.207.57.167 port 43851 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-04-07 08:30:52 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 23:07:19 (1 year ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 20:04:06 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 17:06:36 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇬 41.210.131.212

🇺🇸 216.218.206.66

🇺🇸 205.210.31.47

🇧🇷 170.231.129.215

🇨🇮 154.0.30.137

🇻🇳 113.173.3.136

🇨🇱 45.236.128.46

🇬🇧 5.226.140.96

🇬🇧 195.140.214.23

🇲🇽 189.138.32.1

🇳🇱 185.224.128.16

🇺🇸 162.243.228.110

🇸🇬 152.42.212.128

🇫🇮 147.185.133.119

🇺🇸 69.164.216.98

🇺🇸 44.220.188.136

🇨🇳 36.133.184.250

🇬🇧 35.203.210.47

🇦🇺 34.40.145.110

🇬🇧 5.181.124.7