JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.126

104.207.54.126 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.126

Whois 104.207.54.126

IP Abuse Reports for 104.207.54.126:

This IP address has been reported a total of 125 times from 14 distinct sources. 104.207.54.126 was first reported on June 5th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 KIDOS	2026-06-26 10:33:41 (2 days ago)	malicious activity	Web App Attack
🇨🇭 backslash	2026-06-19 20:06:00 (1 week ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇦🇺 RedBear IT	2026-03-26 10:00:37 (3 months ago)	"DDoS against public endpoint"	DDoS Attack
🇱🇻 garmtech.com	2026-03-24 12:20:58 (3 months ago)	IM360 WAF: Old style account creation and modification in Joomla! MV:registration	Web App Attack
🇨🇭 backslash	2026-01-19 05:05:02 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-29 12:28:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 07:28:37.879925 2025] [security2:error] [pid 21528:tid 21528] [client 104.207.54.126:24261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abecasis.com"] [uri "/.git/HEAD"] [unique_id "aVJz9SHacITf8Un5U09MBgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:41:47 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:41:42.269576 2025] [security2:error] [pid 9197:tid 9197] [client 104.207.54.126:24791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "discountbusinessholidaycards.com"] [uri "/.svn/wc.db"] [unique_id "aVI-xjvJofzUOD1agsUgdAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 08:16:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:16:19.435507 2025] [security2:error] [pid 32508:tid 32508] [client 104.207.54.126:59229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosemeadefarms.com"] [uri "/.env"] [unique_id "aVI4046x7bjCYkrGSZ2hpQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 Shaik Sai Meera	2025-12-29 06:35:13 (5 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 06:31:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:30:55.758870 2025] [security2:error] [pid 31383:tid 31383] [client 104.207.54.126:14411] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sidsales.com"] [uri "/.svn/wc.db"] [unique_id "aVIgH8280YVmZAHriRbKDAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:13:50 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:13:45.892151 2025] [security2:error] [pid 1091:tid 1091] [client 104.207.54.126:38731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diuana.com"] [uri "/.svn/wc.db"] [unique_id "aVIcGVxzmR7H3YYvE8-3ZQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 04:41:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:41:28.515192 2025] [security2:error] [pid 5979:tid 5979] [client 104.207.54.126:17033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frameandsavehydepark.com"] [uri "/.git/HEAD"] [unique_id "aVIGeNrl2gfIJ2lq-PItRwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:37:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:37:00.003496 2025] [security2:error] [pid 28161:tid 28161] [client 104.207.54.126:26133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stananddana.com"] [uri "/.svn/wc.db"] [unique_id "aVH3XCmTexq4vFl8pd19SQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-27 13:02:56 (6 months ago)	2025-12-27T15:02:55.564874+02:00 zanati wp(www.sahpa.co.za)[193597]: Blocked authentication attempt ... show more 2025-12-27T15:02:55.564874+02:00 zanati wp(www.sahpa.co.za)[193597]: Blocked authentication attempt for [email protected] from 104.207.54.126 ... show less	Web App Attack
🇪🇸 10dencehispahard SL	2025-11-19 07:09:22 (7 months ago)	WP probing for vulnerabilities	Hacking Exploited Host

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 185.223.152.85

🇺🇸 185.223.152.80

🇳🇱 176.65.132.33

🇩🇿 105.110.61.153

🇫🇷 90.118.64.143

🇮🇹 78.134.49.171

🇺🇸 66.132.224.21

🇯🇵 43.133.26.159

🇦🇺 34.40.242.245

🇳🇵 27.34.64.103

🇳🇬 165.154.11.225

🇧🇷 164.163.24.11

🇮🇩 160.187.174.22

🇺🇸 147.185.132.19

🇵🇰 223.123.124.123

🇨🇳 218.13.26.42

🇳🇱 185.242.226.85

🇸🇬 152.42.196.130

🇱🇻 81.30.98.144

🇱🇹 62.60.130.169