JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.168

104.207.57.168 was found in our database!

This IP was reported 151 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.168

Whois 104.207.57.168

IP Abuse Reports for 104.207.57.168:

This IP address has been reported a total of 151 times from 19 distinct sources. 104.207.57.168 was first reported on June 7th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 MatStef132	2026-05-19 21:11:05 (3 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 21:05:47 (3 weeks ago)	MatShield L7: blocked on anonymous (ua-quarantined)	Bad Web Bot
🇳🇱 MatStef132	2026-05-19 20:21:32 (3 weeks ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-05-18 21:59:35 (3 weeks ago)	Auto-ban: >3000 req/min op 2026-05-18	Web App Attack SSH Hacking
🇳🇱 MatStef132	2026-05-15 13:29:59 (3 weeks ago)	MatShield L7 blocked request to fivemtest.mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (3 weeks ago)	[mathost.eu] ua-q	DDoS Attack Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-03-16 07:44:14 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-44.104.207.57.168.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 09-44.104.207.57.168.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇵🇱 sefinek.net	2026-02-18 18:52:03 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 mnsf	2026-02-13 14:07:09 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:42:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:42:11.181760 2026] [security2:error] [pid 2783603:tid 2783603] [client 104.207.57.168:64575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadek.com"] [uri "/admin/.env"] [unique_id "aY8qM-UPvI7Yyejp5JtdlgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:26:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:26:00.150869 2026] [security2:error] [pid 9394:tid 9394] [client 104.207.57.168:28087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lazymanvegan.com"] [uri "/backend/.env"] [unique_id "aY8maJnSVaFFIJ7j40CV-AAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:06:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:06:24.443053 2026] [security2:error] [pid 30719:tid 30791] [client 104.207.57.168:49915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lauricella.us"] [uri "/frontend/.env"] [unique_id "aY8h0BURnomY53g_cuXk-wAAAI8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:15:01 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:14:49.197331 2026] [security2:error] [pid 30461:tid 30461] [client 104.207.57.168:18101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mewebdesign.com"] [uri "/.env.production"] [unique_id "aY7rie_OL_akcyl2u8WO8AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 08:45:53 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:08:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:08:49.188489 2026] [security2:error] [pid 21896:tid 21896] [client 104.207.57.168:13703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "menafert.com"] [uri "/backend/.env"] [unique_id "aY7cEQaVNkNTU-fX5fOMmgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 151 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.213.86

🇭🇰 152.32.171.99

🇨🇦 20.220.148.74

🇧🇷 205.210.31.178

🇪🇸 196.196.150.5

🇺🇸 172.183.91.8

🇺🇸 162.252.54.140

🇨🇳 124.92.29.45

🇫🇷 82.67.28.215

🇺🇸 71.6.232.20

🇺🇸 64.62.156.202

🇱🇹 45.227.254.170

🇭🇰 45.142.154.10

🇳🇱 5.61.209.224

🇺🇸 165.154.182.174

🇳🇱 157.245.67.18

🇹🇼 123.195.84.188

🇳🇱 104.248.93.160

🇷🇺 95.165.27.83

🇳🇱 93.123.109.114