JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.229

104.207.58.229 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 16%: ?

16%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.229

Whois 104.207.58.229

IP Abuse Reports for 104.207.58.229:

This IP address has been reported a total of 138 times from 19 distinct sources. 104.207.58.229 was first reported on June 5th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-06 21:21:46 (1 day ago)	Blocked by UFW (TCP on 80) Source port: 49007 TTL: 50 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 49007 TTL: 50 Packet length: 60 TOS: 0x00 This report (for 104.207.58.229) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2026-06-06 20:20:14 (1 day ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-02-20 06:53:31 (3 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇬🇧 consul.to	2026-02-15 12:51:05 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 12:05:16 (3 months ago)	(modsecurity) srv101 ModSecurity 104.207.58.229 (TH/Thailand/-): 5 in the last 3600 secs; Ports: ; ... show more (modsecurity) srv101 ModSecurity 104.207.58.229 (TH/Thailand/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:33:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:33:21.927201 2026] [security2:error] [pid 7625:tid 7625] [client 104.207.58.229:14011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steamheat.tech"] [uri "/.env.staging"] [unique_id "aZE-gfbdSOtRiF5olMfu2wAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 02:41:58 (3 months ago)	http-sensitive-files - IP: 104.207.58.229 - time="2026-02-15T03:41:58+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.58.229 - time="2026-02-15T03:41:58+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.58.229 (TH/200373) : 4h ban on Ip 104.207.58.229" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:13:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:13:10.595583 2026] [security2:error] [pid 22872:tid 22872] [client 104.207.58.229:64209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mympizzas.com.mx"] [uri "/app/.git/config"] [unique_id "aZErtpL_Nt3-HUv1Zjo6LAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:54:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:54:18.736246 2026] [security2:error] [pid 14412:tid 14412] [client 104.207.58.229:49785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mydarklady.com"] [uri "/v2/.git/config"] [unique_id "aZEnSks2KMZGu0b0b5-_NgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:34:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:34:25.242930 2026] [security2:error] [pid 9567:tid 9567] [client 104.207.58.229:17339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "machineryenchantress.com"] [uri "/v2/.git/config"] [unique_id "aZEiob7WXwFybjEZFS361AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-02-15 00:51:21 (3 months ago)	35 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:10:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:10:08.216487 2026] [security2:error] [pid 1703:tid 1703] [client 104.207.58.229:47561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loriatrading.com"] [uri "/frontend/.env"] [unique_id "aZEO4CH03l4yfq_GIqP-RAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:35:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:35:48.050172 2026] [security2:error] [pid 542013:tid 542013] [client 104.207.58.229:29303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightupaustralia.com.au"] [uri "/test/.git/config"] [unique_id "aZD4xBzRkv2cmJEnAHyNpgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:19:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:19:02.360468 2026] [security2:error] [pid 16314:tid 16314] [client 104.207.58.229:54019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mollins.com"] [uri "/wp/.git/config"] [unique_id "aZD01og-DtbclcNgWgAMfwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 22:05:49 (3 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 83.168.106.26

🇩🇪 34.179.143.77

🇮🇷 188.0.240.22

🇨🇳 180.153.236.14

🇨🇳 123.13.41.128

🇻🇳 116.97.108.106

🇻🇳 103.146.23.85

🇺🇸 103.143.238.100

🇳🇱 88.151.33.224

🇸🇬 47.128.42.143

🇺🇸 45.144.115.194

🇺🇦 31.128.79.119

🇰🇷 14.63.196.175

🇩🇪 5.75.225.42

🇩🇪 2a02:4780:3f:2182:0:b0c:66d7:1

🇺🇸 2604:a880:400:d1:0:4:8c06:e001

🇮🇳 2401:4900:a2f3:ffdd:9d09:eee7:ded0:e5ed

🇧🇷 200.155.66.2

🇹🇭 184.22.240.238

🇮🇱 147.235.223.137