JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.172

104.207.57.172 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.172

Whois 104.207.57.172

IP Abuse Reports for 104.207.57.172:

This IP address has been reported a total of 130 times from 12 distinct sources. 104.207.57.172 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 fortypoundhead	2026-03-29 00:41:38 (2 months ago)	SQL Injection Attempt	SQL Injection Web App Attack
🇱🇻 garmtech.com	2026-03-28 23:07:55 (2 months ago)	IM360 WAF: Possible SQL injection attack MV:ASC'))--	SQL Injection
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-03 13:43:53 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2025-12-31 04:55:04 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2025-12-29 18:35:05 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2025-12-21 08:55:28 (5 months ago)	Attempted brute force login to web vpn 216 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 216 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 21:49:58 (5 months ago)	Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 144 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-09 20:31:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 15:31:17.278784 2025] [security2:error] [pid 6601:tid 6601] [client 104.207.57.172:21113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lunarinfrastructure.com"] [uri "/.svn/wc.db"] [unique_id "aTiHFSCMxMk2cnsuyBk6VgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 21:02:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 16:02:30.057985 2025] [security2:error] [pid 9825:tid 9825] [client 104.207.57.172:16381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carmikdesign.com"] [uri "/.git/HEAD"] [unique_id "aTc85iwem70HkgoEWSFRIAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:44:17 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:44:10.046194 2025] [security2:error] [pid 26217:tid 26217] [client 104.207.57.172:37995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "collegecheating.net"] [uri "/.git/HEAD"] [unique_id "aTQXCvlDpVmEWU1slKdOFQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:01:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:01:42.705868 2025] [security2:error] [pid 3777:tid 3777] [client 104.207.57.172:17895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fabrikaz.com"] [uri "/.env"] [unique_id "aTKDVvxKVEFtbuAkRAyi4QAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:22:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:22:51.530440 2025] [security2:error] [pid 4952:tid 4952] [client 104.207.57.172:32587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tidarat.com"] [uri "/.svn/wc.db"] [unique_id "aTJQC-EzmYMJ_g60nhlPAQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 21:21:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 16:21:25.406974 2025] [security2:error] [pid 22595:tid 22595] [client 104.207.57.172:24731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web87.dnchosting.com"] [uri "/.git/HEAD"] [unique_id "aSdvVQsI2nrhMx8HVzW8WQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-11-25 23:02:35 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.63.10

🇩🇪 178.16.52.20

🇳🇱 176.65.148.156

🇧🇼 168.167.228.123

🇺🇸 104.238.81.133

🇳🇱 89.21.67.140

🇺🇸 45.92.229.70

🇺🇸 34.228.104.231

🇮🇳 27.7.85.45

🇨🇦 176.113.74.89

🇷🇺 176.109.97.11

🇩🇪 161.35.70.45

🇦🇹 152.53.111.131

🇮🇩 103.166.10.244

🇯🇵 92.202.82.102

🇺🇸 91.230.168.34

🇷🇺 46.146.229.239

🇳🇱 45.148.10.240

🇳🇱 45.148.10.147

🇸🇬 43.163.107.154