JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 78.109.79.104

78.109.79.104 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 61%: ?

61%

ISP	GNC-Alfa CJSC
Usage Type	Fixed Line ISP
ASN	AS49800
Domain Name	gnc.am
Country	🇦🇲 Armenia
City	Yerevan, Yerevan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 78.109.79.104

Whois 78.109.79.104

IP Abuse Reports for 78.109.79.104:

This IP address has been reported a total of 25 times from 15 distinct sources. 78.109.79.104 was first reported on June 3rd 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 20:13:44 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 16:13:38.466672 2026] [security2:error] [pid 14963:tid 14963] [client 78.109.79.104:48472] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 78.109.79.104 (+1 hits since last alert)\|jaragoodrich.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jaragoodrich.com"] [uri "/xmlrpc.php"] [unique_id "aiMt8uM3Sc1kMes7uQcTOQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 17:09:17 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 16:09:31 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 12:09:27.169191 2026] [security2:error] [pid 5799:tid 5799] [client 78.109.79.104:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 78.109.79.104 (+1 hits since last alert)\|upskirtcrazy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "upskirtcrazy.com"] [uri "/xmlrpc.php"] [unique_id "aiL0t33DWoWNeQp0tmAenwAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-05 15:05:29 (2 weeks ago)	(wordpress) Failed wordpress login from 78.109.79.104 (AM/Armenia/-): (CF_ENABLE)	Brute-Force
🇩🇪 dbmwebdesign	2026-06-05 11:30:11 (2 weeks ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-05 09:16:45 (2 weeks ago)	(wordpress) Failed wordpress login from 78.109.79.104 (AM/Armenia/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-05 06:20:43 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:20:40.078048 2026] [security2:error] [pid 11356:tid 11374] [client 78.109.79.104:38583] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 78.109.79.104 (+1 hits since last alert)\|peterhansenranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peterhansenranch.com"] [uri "/xmlrpc.php"] [unique_id "aiJquN_Xbpf6z4IuZFsutwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-06-05 00:01:16 (2 weeks ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
Anonymous	2026-06-04 21:32:48 (2 weeks ago)	Fail2Ban WordPress login brute-force detected	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 21:03:44 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 17:03:39.191927 2026] [security2:error] [pid 18820:tid 18820] [client 78.109.79.104:9231] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 78.109.79.104 (+1 hits since last alert)\|mdsshop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mdsshop.com"] [uri "/xmlrpc.php"] [unique_id "aiHoKww6P_7-57EeYsmCqAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-04 20:31:06 (2 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 masterguru	2026-06-04 15:01:48 (2 weeks ago)	(xmlrpc) Apache: Failed xmlrpc access from 78.109.79.104 (AM/Armenia/-): 10 in the last 3600 secs (0 ... show more (xmlrpc) Apache: Failed xmlrpc access from 78.109.79.104 (AM/Armenia/-): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 Jason Howell	2026-06-04 07:21:15 (2 weeks ago)	78.109.79.104 - - [04/Jun/2026:02:20:32 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "Jetpack by ... show more 78.109.79.104 - - [04/Jun/2026:02:20:32 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" 78.109.79.104 - - [04/Jun/2026:02:20:43 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Jetpack/12.5; WordPress/6.1; http://site14464874.com" 78.109.79.104 - - [04/Jun/2026:02:20:53 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "WordPress.com; https://wordpress.com" 78.109.79.104 - - [04/Jun/2026:02:21:04 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "WordPress.com; https://wordpress.com" 78.109.79.104 - - [04/Jun/2026:02:21:14 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2985 "-" "WordPress.com; https://wordpress.com" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 06:54:22 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 78.109.79.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 02:54:18.956500 2026] [security2:error] [pid 10105:tid 10105] [client 78.109.79.104:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 78.109.79.104 (+1 hits since last alert)\|cloudex.click\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cloudex.click"] [uri "/xmlrpc.php"] [unique_id "aiEhGjf76cDGrHoukfTw0gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 04:48:40 (2 weeks ago)	Attac	Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2a06:a880:5:cb59::1

🇹🇷 195.142.16.10

🇭🇰 183.87.96.50

🇰🇷 112.164.211.228

🇻🇳 103.167.89.222

🇮🇳 103.123.53.88

🇺🇸 91.230.168.89

🇩🇪 69.5.169.43

🇺🇸 64.62.156.21

🇺🇸 47.77.220.169

🇮🇩 36.68.54.223

🇺🇸 184.105.247.246

🇷🇼 105.178.104.73

🇺🇿 94.158.49.223

🇳🇱 91.92.40.5

🇺🇸 66.132.224.80

🇵🇰 182.190.179.15

🇫🇮 178.20.210.151

🇪🇬 156.203.165.93

🇨🇴 152.203.109.68