JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.142

104.207.54.142 was found in our database!

This IP was reported 119 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.142

Whois 104.207.54.142

IP Abuse Reports for 104.207.54.142:

This IP address has been reported a total of 119 times from 14 distinct sources. 104.207.54.142 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-05-06 20:55:18 (1 month ago)	Web App Attack	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:42:52 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇸🇬 pusathosting.com	2026-01-12 20:06:04 (4 months ago)	2ds22 bruteforce	Brute-Force Web App Attack
Anonymous	2026-01-05 20:35:36 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-27 13:43:20 (6 months ago)	Attempted brute force login to web vpn 2111 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 2111 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇧🇪 madeit	2025-11-27 12:25:19 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:45:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:44:58.355800 2025] [security2:error] [pid 2431566:tid 2431566] [client 104.207.54.142:29225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.badritual.art"] [uri "/.git/HEAD"] [unique_id "aSaT2swkKpMuWrQ1OpfkcAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 03:11:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:11:47.025085 2025] [security2:error] [pid 22625:tid 22625] [client 104.207.54.142:14455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sirreelpictures.com"] [uri "/.svn/wc.db"] [unique_id "aSZv8-X6NFZ_5oFqVokX8wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:27:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:27:46.686944 2025] [security2:error] [pid 3365544:tid 3365635] [client 104.207.54.142:32275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.financialcertified.com"] [uri "/.svn/wc.db"] [unique_id "aSZlop6gyU3zOv0h7a5-KgAAAg0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 23:54:19 (6 months ago)	Attempted brute force login to web vpn 360 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 360 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-10 18:05:15 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 10 14:05:09.685598 2025] [security2:error] [pid 18671:tid 18671] [client 104.207.54.142:37163] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|actability.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "actability.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aOlK1cPqWKfQUpryHtUg2gAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-10 13:20:06 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 10 09:19:59.332833 2025] [security2:error] [pid 15903:tid 15903] [client 104.207.54.142:11509] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|medics-group.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "medics-group.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aOkH_6BykErGLG6BYiEXjQAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 08:59:07 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 20:24:27 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 119 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 2a00:1450:400c:c04::12d

🇲🇽 187.190.192.190

🇩🇪 165.22.82.165

🇨🇳 114.220.176.69

🇨🇳 113.239.1.131

🇪🇸 88.25.232.213

🇰🇿 37.99.36.120

🇵🇱 31.41.81.65

🇭🇰 218.250.235.109

🇸🇬 103.187.146.131

🇦🇺 20.58.164.80

🇨🇳 14.116.156.100

🇨🇳 14.103.112.243

🇩🇪 213.209.159.231

🇲🇺 197.225.146.23

🇷🇴 193.32.162.16

🇧🇷 181.225.171.170

🇷🇺 176.114.16.182

🇩🇪 167.94.146.39

🇫🇮 147.185.133.181