JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.58.26

104.207.58.26 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.58.26

Whois 104.207.58.26

IP Abuse Reports for 104.207.58.26:

This IP address has been reported a total of 135 times from 15 distinct sources. 104.207.58.26 was first reported on June 4th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 myagent.site	2025-12-31 05:38:53 (5 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇩🇪 paissangroup	2025-12-30 11:33:44 (5 months ago)	Multiple WAF Violations	Web App Attack
🇮🇹 VHosting	2025-12-29 01:45:06 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 22:43:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:43:41.317305 2025] [security2:error] [pid 328:tid 328] [client 104.207.58.26:19661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotelkona.com"] [uri "/.env"] [unique_id "aS9rncLD31Y90qFCbxZaowAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:43:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:43:14.152338 2025] [security2:error] [pid 25411:tid 25411] [client 104.207.58.26:22535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirkrmartin.com"] [uri "/.env"] [unique_id "aS7s8iMGk2rrlxTZRmbZ1wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:02:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:02:20.060071 2025] [security2:error] [pid 375867:tid 375881] [client 104.207.58.26:17873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oldnorthwestlandco.com"] [uri "/.svn/wc.db"] [unique_id "aS6O_Dlb4K6-osJT6-pJyAAAAEw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:06:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:06:11.664162 2025] [security2:error] [pid 453:tid 453] [client 104.207.58.26:28739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teenaarunoceans.com"] [uri "/.env"] [unique_id "aS6B0124TRdjCyqIySGOfgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-02 06:00:41 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:14:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:14:14.594400 2025] [security2:error] [pid 31037:tid 31037] [client 104.207.58.26:33773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "claytonsinn.com"] [uri "/.svn/wc.db"] [unique_id "aS51psKM7NZ56CYaveg3nwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:52:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:51:57.568783 2025] [security2:error] [pid 7787:tid 7787] [client 104.207.58.26:53045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "specialtycomputer.com"] [uri "/.env"] [unique_id "aS5wbckAACdiopTEB5Ge0wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:04:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:04:24.365903 2025] [security2:error] [pid 9676:tid 9676] [client 104.207.58.26:37597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "equitymaxrealestate.com"] [uri "/.git/HEAD"] [unique_id "aS5lSDcxu1DGf9YQWQhNzQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 00:27:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.58.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 19:27:14.872374 2025] [security2:error] [pid 18950:tid 18950] [client 104.207.58.26:26277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notimallinckrodt.com.ar"] [uri "/.svn/wc.db"] [unique_id "aS4yYs6_ImpRFb32kP8QlAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-11-26 19:38:12 (6 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.58.26 (TH/Thailand/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.58.26 (TH/Thailand/-): 1 in the last 3600 secs show less	Web App Attack
🇧🇪 madeit	2025-11-04 16:29:45 (7 months ago)		Web App Attack
🇧🇪 cmbplf	2025-11-04 07:23:54 (7 months ago)	1.015 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.237

🇨🇳 150.255.90.202

🇷🇺 45.195.221.26

🇹🇼 198.235.24.124

🇹🇳 197.5.145.114

🇮🇳 152.52.199.18

🇧🇷 129.121.54.208

🇺🇸 107.152.44.215

🇫🇷 91.196.152.208

🇷🇴 80.94.92.184

🇸🇬 43.160.214.230

🇸🇬 43.156.60.15

🇶🇦 34.153.64.20

🇧🇪 34.79.188.62

🇳🇱 5.83.143.113

🇮🇪 3.254.184.25

🇩🇪 2a03:b0c0:3:d0::402:d001

🇺🇸 212.18.127.15

🇧🇷 187.183.51.121

🇸🇳 154.124.132.2