JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.188

104.207.57.188 was found in our database!

This IP was reported 160 times. Confidence of Abuse is 39%: ?

39%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.188

Whois 104.207.57.188

IP Abuse Reports for 104.207.57.188:

This IP address has been reported a total of 160 times from 28 distinct sources. 104.207.57.188 was first reported on June 21st 2024, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-06-13 04:11:33 (3 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇹 Malta	2026-06-12 08:44:50 (22 hours ago)	104.207.57.188 - - [12/Jun/2026:10:44:49 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.57.188 - - [12/Jun/2026:10:44:49 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
Anonymous	2026-06-11 04:50:37 (2 days ago)	[ssd1.kdns.gr] httpd-login-spray-site: sites=nbmedical.gr; logs=/var/log/httpd/domains/nbmedical.gr. ... show more [ssd1.kdns.gr] httpd-login-spray-site: sites=nbmedical.gr; logs=/var/log/httpd/domains/nbmedical.gr.log; samples=site_wide=true \| distinct_ips=14 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 Hippoline	2026-06-08 16:58:01 (4 days ago)	Jun 8 18:58:01 local wp(XXXX-A)[619]: Authentication attempt for unknown user wpengine from ::ffff: ... show more Jun 8 18:58:01 local wp(XXXX-A)[619]: Authentication attempt for unknown user wpengine from ::ffff:104.207.57.188 ... show less	Brute-Force Web App Attack
🇫🇷 ELYAZ	2026-06-01 15:13:29 (1 week ago)	(y4) Failed scan -byebye- from 104.207.57.188 (DE/Germany/-): (CF_ENABLE)	Hacking
🇩🇪 big-cloud.nl	2026-05-30 22:26:31 (1 week ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇲🇽 octageeks.com	2026-05-30 04:12:46 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
Anonymous	2026-05-29 02:45:58 (2 weeks ago)	[ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/w ... show more [ssd5.kdns.gr] httpd-login-spray-site: sites=weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/weihnachtsbasar-athen.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:41:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:41:10.000882 2026] [security2:error] [pid 8144:tid 8144] [client 104.207.57.188:43671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindbodyrestored.com"] [uri "/api/.env"] [unique_id "aY8p9uLg59koxKp7uVn1-gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:26:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:26:03.619180 2026] [security2:error] [pid 23305:tid 23305] [client 104.207.57.188:15989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millcitymakers.com"] [uri "/api/.env"] [unique_id "aY8ma_Qiymy4_M2Oo-1OtQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:48:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:48:20.187496 2026] [security2:error] [pid 30873:tid 30873] [client 104.207.57.188:52575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midcityrotary.org"] [uri "/v2/.git/config"] [unique_id "aY8dlA2A42kNFtUnP__qCAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 08:43:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:43:26.480869 2026] [security2:error] [pid 3489:tid 3489] [client 104.207.57.188:40855] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meshbagsandmore.com"] [uri "/api/.env"] [unique_id "aY7kLvgaz1P72GUit-5yXgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 0x44	2026-02-13 07:13:38 (4 months ago)	104.207.57.188 [13/Feb/2026] * Spam host detected, probing for vulnerabilities	Web Spam Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:41:14 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:41:10.264630 2026] [security2:error] [pid 7115:tid 7115] [client 104.207.57.188:38019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "med-engineering.com"] [uri "/api/.env"] [unique_id "aY7HhtE3yPhUkOUbPJwljQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:18:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:18:41.884969 2026] [security2:error] [pid 25684:tid 25684] [client 104.207.57.188:46427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matteozacchino.com"] [uri "/backup/.git/config"] [unique_id "aY60MS09TfNVl2Ea4YnnBQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 160 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 85.217.140.16

🇫🇷 194.163.174.214

🇲🇽 186.96.145.241

🇩🇪 185.231.59.141

🇳🇱 185.107.80.93

🇮🇳 180.214.129.95

🇨🇳 171.114.230.182

🇺🇸 146.168.191.176

🇹🇭 118.27.146.111

🇱🇹 91.224.92.19

🇺🇸 71.206.190.209

🇺🇸 64.62.156.176

🇲🇾 47.254.192.137

🇺🇸 18.97.26.103

🇰🇷 1.235.192.214

🇺🇸 2607:f8b0:4023:1009::127

🇪🇸 217.160.226.51

🇺🇸 216.73.216.98

🇺🇸 188.213.202.86

🇺🇸 162.216.150.156