JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.222

104.207.58.222 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.222

Whois 104.207.58.222

IP Abuse Reports for 104.207.58.222:

This IP address has been reported a total of 131 times from 13 distinct sources. 104.207.58.222 was first reported on June 8th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-31 13:00:49 (1 week ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇩🇪 4server	2026-05-30 12:38:41 (1 week ago)	[SatMay3014:38:39.1274952026][security2:error][pid3768921:tid3769036][client104.207.58.222:0]ModSecu ... show more [SatMay3014:38:39.1274952026][security2:error][pid3768921:tid3769036][client104.207.58.222:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ci-ticino.ch\"][uri\"/wp-login.php\"][unique_id\"ahraT2tbnurKHrMkP33GIwAAAIY\"]\,referer:https://ci-ticino.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇨🇭 4server	2026-05-28 22:14:41 (1 week ago)	[FriMay2900:14:37.5881942026][security2:error][pid2283904:tid2284042][client104.207.58.222:0]ModSecu ... show more [FriMay2900:14:37.5881942026][security2:error][pid2283904:tid2284042][client104.207.58.222:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?i\)\(127\\\\\\\\.0\\\\\\\\.0\\\\\\\\.1\\|localhost\\|0\\\\\\\\.0\\\\\\\\.0\\\\\\\\.0\\|169\\\\\\\\.254\\\\\\\\.169\\\\\\\\.254\)\"atARGS:pwd.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"20\"][id\"990003\"][msg\"PossibleSSRF/internalhostaccessattempt\"][hostname\"salonesamire.ch\"][uri\"/wp-login.php\"][unique_id\"ahi-TW4pHXiraU6Ot2bctAAAAQ0\"]\,referer:https://salonesamire.ch/wp-login.php show less	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:08 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-11 02:07:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 21:07:49.889720 2025] [security2:error] [pid 24574:tid 24602] [client 104.207.58.222:19569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scottspencergfx.com"] [uri "/.svn/wc.db"] [unique_id "aTondSndZmMd_N5_adVwCAAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 16:21:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 11:21:24.836116 2025] [security2:error] [pid 20212:tid 20212] [client 104.207.58.222:28531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brushmileage.org"] [uri "/.git/HEAD"] [unique_id "aTWphIWAa9T5WefjSQ4_ZAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:59:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:59:25.677843 2025] [security2:error] [pid 18038:tid 18038] [client 104.207.58.222:30257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cesmat.com"] [uri "/.git/HEAD"] [unique_id "aTJYneKwdDnN6No_ldx4ZQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:13:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:13:27.416095 2025] [security2:error] [pid 6987:tid 6987] [client 104.207.58.222:20801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wellingtonrossi.com"] [uri "/.env"] [unique_id "aSbg11gOBjOgnR0kSXIwYgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:41:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:40:59.422016 2025] [security2:error] [pid 2599442:tid 2599442] [client 104.207.58.222:27501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pluralmatrix.net"] [uri "/.svn/wc.db"] [unique_id "aSa9G_LR_YVOyd-nH4NPcgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:55:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:55:33.308700 2025] [security2:error] [pid 21124:tid 21124] [client 104.207.58.222:27235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.scatchellsbeefstand.com"] [uri "/.git/HEAD"] [unique_id "aSaWVbz6gIzrcU9BDaYi-gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:49:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:49:06.076546 2025] [security2:error] [pid 17078:tid 17078] [client 104.207.58.222:30281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.johnandrews.net"] [uri "/.git/HEAD"] [unique_id "aSZqohBOCH10gLD8ux7Y1QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:25:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:25:17.331425 2025] [security2:error] [pid 7491:tid 7491] [client 104.207.58.222:20403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goodmanhvac.savingshvac.com"] [uri "/.env"] [unique_id "aSZI7Zz0VLc-nWGKWMjnxAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:10:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:10:11.906822 2025] [security2:error] [pid 545:tid 545] [client 104.207.58.222:17259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.skeletron.com"] [uri "/.git/HEAD"] [unique_id "aSZFY5gNb_8q5yNYjBRDagAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:13:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:13:37.290597 2025] [security2:error] [pid 10747:tid 10770] [client 104.207.58.222:45917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ronibenzvi.com"] [uri "/.svn/wc.db"] [unique_id "aSVJEV2GfO2s-Qdwr6eCUQAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:54:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:53:55.806835 2025] [security2:error] [pid 17392:tid 17392] [client 104.207.58.222:23449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dogandponyband.com"] [uri "/.env"] [unique_id "aSVEc33u1vIQCgLHWbiTcQAAACw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 212.87.199.64

🇲🇴 182.93.50.90

🇺🇸 170.106.74.215

🇺🇸 152.32.183.231

🇺🇸 66.132.186.227

🇬🇧 2a06:4880:6000::78

🇫🇷 185.177.72.17

🇫🇷 91.231.89.1

🇨🇱 200.89.69.247

🇷🇺 78.138.168.46

🇺🇸 35.253.200.48

🇺🇸 185.223.152.121

🇷🇺 178.251.142.14

🇳🇱 178.227.168.19

🇧🇷 177.104.199.160

🇩🇪 167.172.104.217

🇹🇭 147.50.227.79

🇨🇳 118.212.120.214

🇺🇸 107.172.156.243

🇺🇸 34.85.135.207