JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.128

104.207.54.128 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.128

Whois 104.207.54.128

IP Abuse Reports for 104.207.54.128:

This IP address has been reported a total of 128 times from 16 distinct sources. 104.207.54.128 was first reported on June 20th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nowyouknow	2026-04-17 16:00:06 (1 month ago)	(From [email protected]) Hi there, Not sure who on your team handles Google Ads — could you poin ... show more (From [email protected]) Hi there, Not sure who on your team handles Google Ads — could you point me to the right person? My name is Ivan. I specialize in Google Ads and Google Ad Grants (and I share paid-ad strategies on YouTube). I visited your website: ultrahealthchiropractic.com and we are seeing that you guys are currently running Google Ads or have tried in the past. If you guys want, we could help you save a lot of money for a lifetime on the Google Ad Grants account that has a $10K/month free ad spend credit (provided and paid by Google Ads each month), meaning that you don't have to spend a dime each month to get free quality leads and sales. With our expertise on Google Ads, we can also help you set up successful ad campaigns, manage and optimize them to get you more customers/clients. If you have any questions private email me at: [email protected] If you’re not the right contact, please forward this or let me know who I should contact. Thanks for your time — I ap show less	Phishing Web Spam
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇳🇱 Mangelot Hosting	2026-01-02 07:57:09 (5 months ago)	(wp_config_access) srv102 Access wp-config.php 104.207.54.128 (DE/Germany/-): 1 in the last 3600 sec ... show more (wp_config_access) srv102 Access wp-config.php 104.207.54.128 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇨🇦 SSH-Admin	2025-12-27 13:45:08 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 04:46:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 23:46:06.962934 2025] [security2:error] [pid 9418:tid 9418] [client 104.207.54.128:54737] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalonholdings.com"] [uri "/.git/HEAD"] [unique_id "aTpMjjBMD4DW4oYcn7LQJgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 08:06:43 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 03:06:38.140349 2025] [security2:error] [pid 31237:tid 31237] [client 104.207.54.128:52697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airedaleflyer.com"] [uri "/.env"] [unique_id "aTaHDo8rPNWubcQLuBqU3wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:23:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:23:33.527869 2025] [security2:error] [pid 23917:tid 23933] [client 104.207.54.128:47035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daraluz.net"] [uri "/.env"] [unique_id "aTQgRc_nzCr_Cfjc6tHOIgAAAM4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 03:16:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 22:16:25.622848 2025] [security2:error] [pid 7704:tid 7704] [client 104.207.54.128:20607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laband.info"] [uri "/.git/HEAD"] [unique_id "aTOgCYry4tfky0NpPCya4gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 00:34:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 19:34:44.999944 2025] [security2:error] [pid 16748:tid 16748] [client 104.207.54.128:51191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cityoffoley.gov"] [uri "/.git/HEAD"] [unique_id "aTN6JFALluZAZPBfkxzazAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:37:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:37:33.672851 2025] [security2:error] [pid 29984:tid 29984] [client 104.207.54.128:41891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jockoenterprises.com"] [uri "/.svn/wc.db"] [unique_id "aTJTfVlHkVusZHNGesabJgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:14:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:14:40.082558 2025] [security2:error] [pid 13490:tid 13490] [client 104.207.54.128:42881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.suswastima.com"] [uri "/.svn/wc.db"] [unique_id "aSQT8Aa2h9y8m2nWmEC1dQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:32:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:32:22.843383 2025] [security2:error] [pid 11457:tid 11457] [client 104.207.54.128:25491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.seacorre.com"] [uri "/.svn/wc.db"] [unique_id "aSQKBh9cMzzXvobfDlzbRQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:33:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:33:02.293621 2025] [security2:error] [pid 16192:tid 16192] [client 104.207.54.128:35699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.1st-pick.com"] [uri "/.env"] [unique_id "aSPuDrumkQgSjr9OLV6-3gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-10-31 05:03:37 (7 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇵🇱 sefinek.net	2025-10-26 13:09:00 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.48

🇨🇳 122.13.25.186

🇺🇸 67.227.37.13

🇨🇳 61.191.145.123

🇩🇪 213.209.159.56

🇫🇷 194.116.250.254

🇫🇷 158.220.111.161

🇺🇸 142.93.204.108

🇮🇳 20.204.99.34

🇻🇪 201.209.248.85

🇬🇧 194.50.235.149

🇳🇴 141.195.8.205

🇰🇷 121.165.187.77

🇺🇸 103.153.183.254

🇺🇸 2600:1f18:3120:f502:27aa:3a3e:3bd8:34bb

🇱🇹 193.187.114.90

🇮🇳 182.95.48.38

🇧🇩 182.48.68.82

🇧🇷 164.152.39.78

🇩🇪 158.94.208.189