JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.190

104.207.54.190 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.190

Whois 104.207.54.190

IP Abuse Reports for 104.207.54.190:

This IP address has been reported a total of 149 times from 19 distinct sources. 104.207.54.190 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-02-15 22:59:43 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-15	Hacking Web App Attack SSH
🇳🇱 oisecnet	2026-02-15 22:00:42 (4 months ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-02-15. 24 requests from this ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-02-15. 24 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-15 12:32:58 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:32:50.801227 2026] [security2:error] [pid 22060:tid 22060] [client 104.207.54.190:19465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partiklezoo.com"] [uri "/app/.git/config"] [unique_id "aZG88h9272a35L_ya3eOKgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:56:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:56:28.165316 2026] [security2:error] [pid 5762:tid 5762] [client 104.207.54.190:49957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paleopathologist.com"] [uri "/backup/.git/config"] [unique_id "aZG0bIk5YjUlT_aljqjCfAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:23:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:23:36.353282 2026] [security2:error] [pid 21441:tid 21441] [client 104.207.54.190:59989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "owenbee.com"] [uri "/backend/.env"] [unique_id "aZGsuF1ncGzGFCOsbHCLmwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:27:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:27:18.165743 2026] [security2:error] [pid 1273:tid 1273] [client 104.207.54.190:18865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onyxcc.com"] [uri "/dev/.git/config"] [unique_id "aZFnRk4JyUXJ4ffKwE6CbgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:47:01 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:46:53.376986 2026] [security2:error] [pid 11018:tid 11018] [client 104.207.54.190:25321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prodivediving.com"] [uri "/.env.save"] [unique_id "aZFdzRrnmAyYvpYsiNQ-JAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:27:48 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:27:44.744091 2026] [security2:error] [pid 15168:tid 15168] [client 104.207.54.190:45953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ohiobabe.com"] [uri "/backend/.env"] [unique_id "aZFZUM0Miqu9nwJTDBqufwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:08:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:08:26.876973 2026] [security2:error] [pid 19675:tid 19675] [client 104.207.54.190:62995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "octaviomontes.com"] [uri "/test/.git/config"] [unique_id "aZFUypfJvHLKSxoTZQ-M-QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 04:05:49 (4 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:23:38 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:23:33.887356 2026] [security2:error] [pid 2167:tid 2202] [client 104.207.54.190:53713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nobledyn.com"] [uri "/backend/.env"] [unique_id "aZE8NSZIRZBCB3DKHleLQQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:59:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:59:42.486243 2026] [security2:error] [pid 1211563:tid 1211563] [client 104.207.54.190:19031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rygg.biz"] [uri "/site/.git/config"] [unique_id "aZE2nnh6khPRNuV3S5Wv8gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 02:51:17 (4 months ago)	http-sensitive-files - IP: 104.207.54.190 - time="2026-02-15T03:51:17+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.54.190 - time="2026-02-15T03:51:17+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.54.190 (DE/200373) : 4h ban on Ip 104.207.54.190" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:17:32 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:17:25.421832 2026] [security2:error] [pid 22945:tid 22945] [client 104.207.54.190:25635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "platformintelligence.com"] [uri "/.git/config"] [unique_id "aZEste2_lkYWzRMZj8pu1QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:45:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:45:05.000901 2026] [security2:error] [pid 13988:tid 13988] [client 104.207.54.190:24697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roselockecasting.com"] [uri "/dev/.git/config"] [unique_id "aZElIeo18SsTevrWQmy78gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.230.168.141

🇺🇸 67.211.218.16

🇨🇳 43.136.86.241

🇳🇱 176.65.139.56

🇺🇸 172.253.244.148

🇮🇳 168.144.72.75

🇹🇼 165.154.227.8

🇮🇳 103.74.68.131

🇬🇧 35.203.210.20

🇺🇦 195.242.179.228

🇳🇱 176.65.139.181

🇯🇵 132.145.115.202

🇺🇸 107.150.103.210

🇺🇸 52.167.144.20

🇳🇱 31.59.95.52

🇺🇸 31.59.40.94

🇩🇪 213.209.159.227

🇫🇷 205.237.105.154

🇧🇪 198.235.24.200

🇨🇳 116.255.169.129