JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.235

104.207.57.235 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 17%: ?

17%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.235

Whois 104.207.57.235

IP Abuse Reports for 104.207.57.235:

This IP address has been reported a total of 131 times from 19 distinct sources. 104.207.57.235 was first reported on June 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇽 octageeks.com	2026-05-24 04:07:15 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇸 lostswordfish.com	2026-05-22 20:28:03 (2 weeks ago)	Wordfence waf block on wp20190711M4	Web App Attack
🇨🇭 4server	2026-05-22 19:52:03 (2 weeks ago)	[FriMay2221:51:57.5752242026][security2:error][pid2478585:tid2478596][client104.207.57.235:0]ModSecu ... show more [FriMay2221:51:57.5752242026][security2:error][pid2478585:tid2478596][client104.207.57.235:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?i\)\(127\\\\\\\\.0\\\\\\\\.0\\\\\\\\.1\\|localhost\\|0\\\\\\\\.0\\\\\\\\.0\\\\\\\\.0\\|169\\\\\\\\.254\\\\\\\\.169\\\\\\\\.254\)\"atARGS:pwd.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"20\"][id\"990003\"][msg\"PossibleSSRF/internalhostaccessattempt\"][hostname\"benvenutialfood.biz\"][uri\"/wp-login.php\"][unique_id\"ahCz3Wdk9X6B-0k2LLlzoQAAAQk\"]\,referer:https://benvenutialfood.biz/wp-login.php show less	Hacking Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇫🇷 tilellit.pro	2026-03-09 22:32:23 (3 months ago)	Fail2Ban banned 104.207.57.235 for security violations in jail nginx-aggressive. Log: 2026/03/09 22: ... show more Fail2Ban banned 104.207.57.235 for security violations in jail nginx-aggressive. Log: 2026/03/09 22:32:23 [error] FastCGI sent in stderr: "Primary script unknown" , client: 104.207.57.235, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] 2026/03/09 22:32:23 [error] FastCGI sent in stderr: "Primary script unknown" , client: 104.207.57.235, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Bad Web Bot Web App Attack
Anonymous	2026-01-03 13:44:43 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.03 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-30 20:33:28 (5 months ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:44:56 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:44:51.475494 2025] [security2:error] [pid 24348:tid 24348] [client 104.207.57.235:12125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cycontechnology.com"] [uri "/.env"] [unique_id "aVIHQ_5CAKsSVog60NVNmQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-14 00:42:32 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-02 13:09:03 (6 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 Burayot	2025-11-29 01:47:35 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.57.235 (DE/Germany/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.57.235 (DE/Germany/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:13:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:12:55.591768 2025] [security2:error] [pid 28800:tid 28800] [client 104.207.57.235:39703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dupagekanewildliferemoval.com"] [uri "/.svn/wc.db"] [unique_id "aSi-18dO5UPkVh2DSCHCOgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 19:00:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:00:36.496341 2025] [security2:error] [pid 1687416:tid 1687445] [client 104.207.57.235:21425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aclarityforensics.com"] [uri "/.git/HEAD"] [unique_id "aSif1AZGM56OFrhiftJPnQAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 12:05:04 (6 months ago)	Attempted brute force login to web vpn 198 time(s); last attempt for 2025.11.27 is noted in report t ... show more Attempted brute force login to web vpn 198 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 Psycho Solutions LLC	2025-11-24 02:15:19 (6 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 11/24/2025 2:15 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 73.222.215.102

🇨🇦 35.234.243.86

🇺🇸 165.227.209.27

🇭🇰 103.226.124.223

🇨🇳 39.156.172.72

🇺🇸 34.123.69.22

🇩🇪 34.32.58.86

🇺🇸 34.27.229.156

🇳🇱 20.93.194.128

🇬🇧 18.175.255.98

🇨🇦 2001:1810:41c1:45:0:4:d837:9248

🇭🇰 152.32.252.65

🇵🇭 103.120.69.201

🇺🇸 66.132.224.227

🇨🇳 58.50.199.109

🇨🇳 49.116.25.62

🇩🇪 46.224.239.112

🇳🇱 45.142.193.169

🇮🇩 36.92.140.209

🇺🇸 35.253.90.132