JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.79

104.207.57.79 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.79

Whois 104.207.57.79

IP Abuse Reports for 104.207.57.79:

This IP address has been reported a total of 131 times from 20 distinct sources. 104.207.57.79 was first reported on June 19th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-05-26 00:50:04 (1 week ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
🇫🇮 inlink.ltd	2026-05-23 18:22:53 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 rdpguard.com	2026-04-05 19:16:33 (1 month ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇫🇷 dynamix	2026-04-02 15:07:59 (2 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇨🇭 backslash	2026-01-25 01:10:04 (4 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2026-01-05 20:13:36 (4 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-21 12:58:58 (5 months ago)	Attempted brute force login to web vpn 198 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 198 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 22:53:32 (5 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇧🇪 madeit	2025-11-27 12:21:08 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:49:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:49:41.632934 2025] [security2:error] [pid 13047:tid 13047] [client 104.207.57.79:48101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ubuciko.com"] [uri "/.svn/wc.db"] [unique_id "aSa_JX2NBSo1u6gNQ1TejQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:17:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:17:33.786489 2025] [security2:error] [pid 31711:tid 31711] [client 104.207.57.79:13167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ticmonster.com"] [uri "/.env"] [unique_id "aSabffzOQtZ-wptUt9yidwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:18:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:18:32.371891 2025] [security2:error] [pid 20435:tid 20435] [client 104.207.57.79:49277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cypro.com"] [uri "/.svn/wc.db"] [unique_id "aSZxiBOVEMz8G-pXkZ3JiwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:41:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:41:15.000231 2025] [security2:error] [pid 10713:tid 10713] [client 104.207.57.79:34531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.blockdredge.com"] [uri "/.git/HEAD"] [unique_id "aSUJOhMdebpjm1rUHEF5oAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-25 00:02:56 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 51.77.74.222

🇧🇷 45.205.1.246

🇩🇪 146.70.117.70

🇨🇳 123.160.221.152

🇮🇳 118.185.158.177

🇸🇬 103.189.234.96

🇩🇪 87.106.171.85

🇺🇸 18.189.74.1

🇺🇸 148.153.188.254

🇮🇳 122.185.146.166

🇩🇪 78.111.67.242

🇳🇱 45.148.10.240

🇳🇱 45.148.10.121

🇦🇪 5.193.77.83

🇷🇴 2.57.122.238

🇬🇧 185.216.145.177

🇨🇳 118.123.1.36

🇻🇳 103.228.36.70

🇩🇪 94.130.64.171

🇸🇪 82.209.148.60