JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.109.57.223

3.109.57.223 was found in our database!

This IP was reported 73 times. Confidence of Abuse is 69%: ?

69%

ISP	Amazon Data Services India
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-3-109-57-223.ap-south-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.109.57.223

Whois 3.109.57.223

IP Abuse Reports for 3.109.57.223:

This IP address has been reported a total of 73 times from 51 distinct sources. 3.109.57.223 was first reported on March 31st 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-05-17 22:39:32 (1 month ago)		Brute-Force Web App Attack
🇳🇱 Site.eu	2026-05-17 16:58:23 (1 month ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 octageeks.com	2026-05-17 04:06:42 (1 month ago)	Wordpress malicious attack:[octawp]	Web App Attack
Anonymous	2026-05-17 00:21:00 (1 month ago)	Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.	Web App Attack
🇩🇪 bsoft.de	2026-05-16 23:58:04 (1 month ago)	3.109.57.223 - - [16/May/2026:21:07:00 +0200] "GET /wp-login.php HTTP/1.1" 404 75119 "https://bolte. ... show more 3.109.57.223 - - [16/May/2026:21:07:00 +0200] "GET /wp-login.php HTTP/1.1" 404 75119 "https://bolte.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 3.109.57.223 - - [16/May/2026:22:23:06 +0200] "GET /wp-login.php HTTP/1.1" 404 134253 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 3.109.57.223 - - [17/May/2026:01:58:03 +0200] "GET /wp-login.php HTTP/1.1" 404 133924 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 mind5t0rm	2026-05-16 23:48:43 (1 month ago)	(WPLOGIN) WP Login Attack 3.109.57.223 (IN/India/ec2-3-109-57-223.ap-south-1.compute.amazonaws.com): ... show more (WPLOGIN) WP Login Attack 3.109.57.223 (IN/India/ec2-3-109-57-223.ap-south-1.compute.amazonaws.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 3.109.57.223 - - [17/May/2026:06:34:29 +0700] "GET /wp-login.php HTTP/1.1" 200 2362 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 3.109.57.223 - - [17/May/2026:06:34:31 +0700] "POST /wp-login.php HTTP/1.1" 200 2525 "https://digi.travel/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 3.109.57.223 - - [17/May/2026:06:48:42 +0700] "GET /wp-login.php HTTP/2.0" 200 2548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Port Scan
🇨🇿 plzenskypruvodce.cz	2026-05-16 23:39:59 (1 month ago)	2026-05-17T01:39:58.741190+02:00 web wordpress(varhanykolin.cz)[3839403]: Immediately block connecti ... show more 2026-05-17T01:39:58.741190+02:00 web wordpress(varhanykolin.cz)[3839403]: Immediately block connections from 3.109.57.223 ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-16 23:31:51 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 3.109.57.223 (ec2-3-109-57-223.ap-south-1.compu ... show more (mod_security) mod_security (id:225170) triggered by 3.109.57.223 (ec2-3-109-57-223.ap-south-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 19:31:44.144439 2026] [security2:error] [pid 3831:tid 3831] [client 3.109.57.223:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|local639.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "local639.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agj-YMq4OKIFATWSp6kscgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-05-16 23:22:01 (1 month ago)	wordpress-bruteforce	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 london2038.com	2026-05-16 22:35:41 (1 month ago)	Attacking WordPress 3.109.57.223 - - [17/May/2026:00:35:38 +0200] "POST /wp-login.php HTTP/2.0" 503 ... show more Attacking WordPress 3.109.57.223 - - [17/May/2026:00:35:38 +0200] "POST /wp-login.php HTTP/2.0" 503 19291 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-05-16 22:30:08 (1 month ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇫🇷 SpaceHost-Server	2026-05-16 22:29:43 (1 month ago)		Brute-Force Web App Attack
🇩🇪 expandmade.com	2026-05-16 22:04:35 (1 month ago)	unauthorized rest api call [16/May/2026:22:04:34 "GET /wp-json/wp/v2/users/me"]	Web App Attack
🇫🇷 tecnicorioja	2026-05-16 22:01:04 (1 month ago)	wp-login attack [16/May/2026:03:45:02	Brute-Force Web App Attack
🇺🇸 floreriaexpress	2026-05-16 21:57:06 (1 month ago)	FakeADS-Anti: country:IN \| https://floreriaexpresschile.cl/wp-login.php	Bad Web Bot

Showing 1 to 15 of 73 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.210.73.33

🇷🇺 185.245.184.230

🇧🇷 177.84.53.106

🇧🇷 177.84.53.47

🇧🇷 177.84.53.5

🇧🇷 177.74.107.67

🇺🇸 172.245.102.21

🇺🇸 156.232.13.161

🇭🇰 152.32.135.217

🇺🇸 147.185.132.165

🇭🇰 101.36.107.233

🇳🇱 92.63.197.5

🇬🇧 45.74.0.249

🇺🇸 44.197.127.230

🇺🇸 20.9.92.37

🇨🇳 222.185.239.70

🇧🇷 177.91.52.217

🇧🇷 177.91.52.173

🇧🇷 177.91.52.28

🇧🇷 177.84.53.70