JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 68.183.79.211

68.183.79.211 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 38%: ?

38%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 68.183.79.211

Whois 68.183.79.211

IP Abuse Reports for 68.183.79.211:

This IP address has been reported a total of 16 times from 12 distinct sources. 68.183.79.211 was first reported on March 23rd 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 17:30:16 (13 hours ago)	(mod_security) mod_security (id:210730) triggered by 68.183.79.211 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 68.183.79.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:30:10.593391 2026] [security2:error] [pid 28273:tid 28273] [client 68.183.79.211:60970] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|67ronin.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "67ronin.com"] [uri "/wp-content/backup-migration/complete_logs.log"] [unique_id "aiWqojKieKpjvbLi3gYYIAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-06-07 14:02:26 (17 hours ago)	http-wordpress_wpconfig - IP: 68.183.79.211 - time="2026-06-07T16:02:25+02:00" level=info msg="(555 ... show more http-wordpress_wpconfig - IP: 68.183.79.211 - time="2026-06-07T16:02:25+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-wordpress_wpconfig by ip 68.183.79.211 (DE/14061) : 4h ban on Ip 68.183.79.211" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 11:17:08 (19 hours ago)	(mod_security) mod_security (id:210492) triggered by 68.183.79.211 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 68.183.79.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 07:17:04.655749 2026] [security2:error] [pid 10742:tid 10742] [client 68.183.79.211:42378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ussthresher.com.arsenaultartistmanagement.com"] [uri "/.git/HEAD"] [unique_id "aiVTMCx1sxuzNzejvhKBUwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-02 09:00:04 (5 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-31 14:52:15 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 68.183.79.211 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 68.183.79.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 10:52:10.595204 2026] [security2:error] [pid 9134:tid 9185] [client 68.183.79.211:42360] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|woodamy.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "woodamy.com"] [uri "/wp-content/backup-migration/complete_logs.log"] [unique_id "ahxLGjvmscltMROlIYCbqQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-22 11:05:15 (2 weeks ago)	Request Overload (290)	Brute-Force Web App Attack
🇨🇭 4server	2026-05-16 03:53:11 (3 weeks ago)	[SatMay1605:53:04.4719452026][security2:error][pid191632:tid191644][client68.183.79.211:0]ModSecurit ... show more [SatMay1605:53:04.4719452026][security2:error][pid191632:tid191644][client68.183.79.211:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\bhttpx\\\\\\\\b\\|\\\\\\\\bnaabu\\\\\\\\b\\|\\\\\\\\bffuf\\\\\\\\b\\|\\\\\\\\bgobuster\\\\\\\\b\\|\\\\\\\\bferoxbuster\\\\\\\\b\\|\\\\\\\\bwfuzz\\\\\\\\b\\|\\\\\\\\bjaeles\\\\\\\\b\\|\\\\\\\\bzgrab2\?\\\\\\\\b\\|\\\\\\\\bcommix\\\\\\\\b\\|\\\\\\\\bxsstrike\\\\\\\\b\\|\\\\\\\\bkiterunner\\\\\\\\b\\|\(\?:\^\\|[/]$katana$\?:/\\|\\\\\\\\b$\\|\\\\\\\\bkr/\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"70\"][id\"338800\"][rev\"2\"][msg\"Atomicorp.comWAFRules:Blockedrecon/fuzzUA\"][severity\"CRITICAL\"][hostname\"server-privato.com\"][uri\"/\"][unique_id\"agfqIMf4RKs2mR8SkZ7qJwAAAAo\"] show less	Hacking Web App Attack
🇩🇪 4server	2026-05-15 21:52:22 (3 weeks ago)	[FriMay1523:52:19.5209342026][security2:error][pid1362585:tid1362709][client68.183.79.211:0]ModSecur ... show more [FriMay1523:52:19.5209342026][security2:error][pid1362585:tid1362709][client68.183.79.211:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\bhttpx\\\\\\\\b\\|\\\\\\\\bnaabu\\\\\\\\b\\|\\\\\\\\bffuf\\\\\\\\b\\|\\\\\\\\bgobuster\\\\\\\\b\\|\\\\\\\\bferoxbuster\\\\\\\\b\\|\\\\\\\\bwfuzz\\\\\\\\b\\|\\\\\\\\bjaeles\\\\\\\\b\\|\\\\\\\\bzgrab2\?\\\\\\\\b\\|\\\\\\\\bcommix\\\\\\\\b\\|\\\\\\\\bxsstrike\\\\\\\\b\\|\\\\\\\\bkiterunner\\\\\\\\b\\|\(\?:\^\\|[/]$katana$\?:/\\|\\\\\\\\b$\\|\\\\\\\\bkr/\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"70\"][id\"338800\"][rev\"2\"][msg\"Atomicorp.comWAFRules:Blockedrecon/fuzzUA\"][severity\"CRITICAL\"][hostname\"scrspace.com\"][uri\"/\"][unique_id\"ageVkzv70ok4Y8xH3yXcRgAAANM\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 4server	2026-05-12 17:19:52 (3 weeks ago)	[TueMay1219:19:48.8985572026][security2:error][pid360847:tid360937][client68.183.79.211:0]ModSecurit ... show more [TueMay1219:19:48.8985572026][security2:error][pid360847:tid360937][client68.183.79.211:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\bhttpx\\\\\\\\b\\|\\\\\\\\bnaabu\\\\\\\\b\\|\\\\\\\\bffuf\\\\\\\\b\\|\\\\\\\\bgobuster\\\\\\\\b\\|\\\\\\\\bferoxbuster\\\\\\\\b\\|\\\\\\\\bwfuzz\\\\\\\\b\\|\\\\\\\\bjaeles\\\\\\\\b\\|\\\\\\\\bzgrab2\?\\\\\\\\b\\|\\\\\\\\bcommix\\\\\\\\b\\|\\\\\\\\bxsstrike\\\\\\\\b\\|\\\\\\\\bkiterunner\\\\\\\\b\\|\(\?:\^\\|[/]$katana$\?:/\\|\\\\\\\\b$\\|\\\\\\\\bkr/\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"70\"][id\"338800\"][rev\"2\"][msg\"Atomicorp.comWAFRules:Blockedrecon/fuzzUA\"][severity\"CRITICAL\"][hostname\"glass-container.com\"][uri\"/\"][unique_id\"agNhND51t-H6PyVsEynaCgAAAMQ\"] show less	Port Scan Brute-Force Web App Attack
🇭🇰 Harold Wong	2026-04-30 03:49:08 (1 month ago)	$f2bV_matches	Brute-Force
Anonymous	2026-04-18 04:48:17 (1 month ago)	Malicious activity detected	Hacking Web App Attack
🇮🇩 David Koswari	2026-04-13 05:33:00 (1 month ago)	REQ_BLOCKED_ACL	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇮🇱 spd.co.il	2026-04-03 01:01:49 (2 months ago)	Web application attack detected	Hacking Web App Attack
🇮🇩 Burayot	2026-03-30 19:58:31 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 68.183.79.211 (DE/Germany/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 68.183.79.211 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇬🇧 poundawebsiteltd	2026-03-26 03:58:12 (2 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 68.183.79.211 - - [26/Mar/2026:0 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 68.183.79.211 - - [26/Mar/2026:03:58:10 +0000] GET / HTTP/1.1 403 3108 - httpx - Open-source project ([REDACTED_DOMAIN]/projectdiscovery/httpx) show less	Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 206.0.180.184

🇩🇪 198.186.130.38

🇸🇬 188.166.215.16

🇰🇷 182.225.187.163

🇹🇭 118.194.251.17

🇮🇳 106.76.182.75

🇷🇺 94.25.174.1

🇩🇪 87.106.47.28

🇸🇦 51.36.11.96

🇮🇩 210.79.191.76

🇲🇽 186.96.145.241

🇳🇱 185.156.73.233

🇺🇸 184.105.139.78

🇨🇴 181.119.84.222

🇮🇩 157.15.40.77

🇬🇭 80.87.83.229

🇺🇸 50.6.228.32

🇮🇳 49.43.226.206

🇳🇱 45.148.10.141

🇵🇰 202.47.52.226