JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.179

104.207.57.179 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.179

Whois 104.207.57.179

IP Abuse Reports for 104.207.57.179:

This IP address has been reported a total of 129 times from 21 distinct sources. 104.207.57.179 was first reported on June 6th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇮🇹 Rosh	2026-01-01 04:18:25 (5 months ago)	[01/01/26 05:18:25] 1 attack: /wp-json/wp/v2/users (severity 6);	Web App Attack
🇦🇺 MAGIC	2025-12-12 01:06:24 (6 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-24 08:59:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:58:52.720939 2025] [security2:error] [pid 538:tid 538] [client 104.207.57.179:11599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agirlwithaguitar.com"] [uri "/.svn/wc.db"] [unique_id "aSQeTJUnPqeVToiPLqsSlwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:26:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:26:08.215590 2025] [security2:error] [pid 15670:tid 15670] [client 104.207.57.179:40365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.schelske.us"] [uri "/.git/HEAD"] [unique_id "aSP6gGoFfo0GtkofTjlQOAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:52:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:52:40.288325 2025] [security2:error] [pid 25173:tid 25173] [client 104.207.57.179:20203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.savingshvac.com"] [uri "/.env"] [unique_id "aSPkmEsOOJThfcrMspMGtAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:23:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:23:36.995896 2025] [security2:error] [pid 5971:tid 5971] [client 104.207.57.179:10685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.elkesmuesli.com"] [uri "/.git/HEAD"] [unique_id "aSPdyPk1fNoue52-_TrzLAAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-11-22 13:26:17 (6 months ago)	[Sat Nov 22 14:26:15.715209 2025] [proxy_fcgi:error] [pid 1886108:tid 1886172] [remote 104.207.57.17 ... show more [Sat Nov 22 14:26:15.715209 2025] [proxy_fcgi:error] [pid 1886108:tid 1886172] [remote 104.207.57.179:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Sat Nov 22 14:26:16.659178 2025] [proxy_fcgi:error] [pid 1860024:tid 1860081] [remote 104.207.57.179:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇱🇻 garmtech.com	2025-11-18 21:38:55 (7 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-38.104.207.57.179.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 23-38.104.207.57.179.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-14 00:52:24 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 19:52:18.350778 2025] [security2:error] [pid 21031:tid 21031] [client 104.207.57.179:46725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.18mstudio.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRZ9QnqjsT6sEL5og2Pj5wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-07 19:45:37 (7 months ago)		Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-05 04:12:28 (7 months ago)	WP Login Scan Activities	Web App Attack
🇧🇪 madeit	2025-11-04 17:43:21 (7 months ago)		Web App Attack
🇺🇸 Rip	2025-11-02 09:33:53 (7 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-23 06:41:28 (7 months ago)	WP Login Scan Activities	Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 181.214.99.186

🇮🇩 180.243.7.199

🇺🇸 103.234.62.96

🇷🇴 92.118.39.62

🇨🇦 85.217.149.60

🇨🇳 111.26.62.42

🇺🇸 43.135.135.17

🇬🇧 35.203.210.104

🇺🇸 216.180.246.234

🇺🇸 216.73.217.139

🇺🇸 192.227.229.38

🇨🇴 190.60.32.76

🇨🇳 182.119.229.168

🇺🇸 66.132.172.179

🇳🇱 45.148.10.147

🇸🇬 43.134.230.165

🇻🇪 38.150.88.251

🇸🇬 8.222.239.48

🇮🇳 154.84.242.115

🇺🇸 147.185.132.247