JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.94

104.207.57.94 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 25%: ?

25%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.94

Whois 104.207.57.94

IP Abuse Reports for 104.207.57.94:

This IP address has been reported a total of 129 times from 19 distinct sources. 104.207.57.94 was first reported on June 4th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-03 14:46:43 (2 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇫🇷 ELYAZ	2026-05-30 17:46:25 (6 days ago)	(y4) Failed scan -byebye- from 104.207.57.94 (DE/Germany/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-28 19:37:03 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep201 ... show more [server.tmg.gr] httpd-login-spray-site: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=site_wide=true \| distinct_ips=29 \| /wp-login.php show less	Hacking Web App Attack
🇩🇪 big-cloud.nl	2026-05-12 03:01:16 (3 weeks ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇺🇸 rdpguard.com	2026-03-26 14:42:30 (2 months ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇱🇻 garmtech.com	2026-01-28 19:39:10 (4 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 18:39:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 13:39:32.579952 2025] [security2:error] [pid 633:tid 633] [client 104.207.57.94:28811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cemesur-vision21.com"] [uri "/.env"] [unique_id "aTcbZKkzfc5vQSL7GtWXwgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 04:45:13 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 23:45:06.345350 2025] [security2:error] [pid 23325:tid 23325] [client 104.207.57.94:45415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "livingwaterresortandspa.com"] [uri "/.git/HEAD"] [unique_id "aTZX0s3Gao8AcsEjwP5mZgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 03:11:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 22:11:36.311425 2025] [security2:error] [pid 5078:tid 5078] [client 104.207.57.94:46597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonytremblayauthor.com"] [uri "/.env"] [unique_id "aTZB6AhBHVvN_Ffu5XVZXAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 13:05:01 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 08:04:55.932436 2025] [security2:error] [pid 10687:tid 10687] [client 104.207.57.94:44173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batchovens.net"] [uri "/.git/HEAD"] [unique_id "aTQp95NfvQzFqaiHxLN4jAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:53:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:53:26.942818 2025] [security2:error] [pid 31080:tid 31080] [client 104.207.57.94:56301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heavenonearthonline.net"] [uri "/.svn/wc.db"] [unique_id "aTQZNpxX0RYUOu8gjnEWwgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:16:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:16:45.514697 2025] [security2:error] [pid 27812:tid 27812] [client 104.207.57.94:60107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coolray.net"] [uri "/.svn/wc.db"] [unique_id "aTQQnfRrwN9H92JOVPaHwAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 17:13:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 12:13:07.113238 2025] [security2:error] [pid 4353:tid 4369] [client 104.207.57.94:47373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "indigowampum.com"] [uri "/.git/HEAD"] [unique_id "aTMSo5XroBTGTA2_DJEo6gAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 16:07:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 11:07:30.319712 2025] [security2:error] [pid 16796:tid 16796] [client 104.207.57.94:25597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savingshvac.com"] [uri "/.svn/wc.db"] [unique_id "aTMDQvhckDTIi6vFUH-lzAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 19:17:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:17:04.424030 2025] [security2:error] [pid 14353:tid 14353] [client 104.207.57.94:60571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "angelabcomics.com"] [uri "/.env"] [unique_id "aSijsLw7BaQAkC666_4o2AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.18

🇧🇴 181.115.208.189

🇮🇹 172.253.13.156

🇸🇬 165.232.169.124

🇭🇰 152.32.226.205

🇬🇧 51.75.161.33

🇳🇱 195.178.110.30

🇬🇧 194.32.120.52

🇩🇪 165.22.24.255

🇳🇱 160.119.78.78

🇺🇸 157.230.11.241

🇮🇳 128.185.116.114

🇨🇳 106.117.109.123

🇺🇸 76.149.207.185

🇺🇸 52.188.189.7

🇧🇷 46.202.145.215

🇧🇷 45.205.1.240

🇸🇬 43.173.181.54

🇸🇬 43.173.176.71

🇺🇸 31.57.63.117