JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.208

104.207.54.208 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 68%: ?

68%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.208

Whois 104.207.54.208

IP Abuse Reports for 104.207.54.208:

This IP address has been reported a total of 155 times from 31 distinct sources. 104.207.54.208 was first reported on June 7th 2024, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-22 23:06:39 (21 hours ago)	(y4) Failed scan -byebye- from 104.207.54.208 (DE/Germany/-): (CF_ENABLE)	Hacking
Anonymous	2026-06-21 20:24:38 (2 days ago)	[server.tmg.gr] httpd-login-spray-site: sites=tmg.gr.forms; logs=/var/log/httpd/domains/tmg.gr.forms ... show more [server.tmg.gr] httpd-login-spray-site: sites=tmg.gr.forms; logs=/var/log/httpd/domains/tmg.gr.forms.log; samples=site_wide=true \| distinct_ips=13 \| /wp-login.php show less	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-21 10:42:51 (2 days ago)	(y4) Failed scan -byebye- from 104.207.54.208 (DE/Germany/-): (CF_ENABLE)	Hacking
🇫🇷 pm33	2026-06-21 04:24:52 (2 days ago)	Wordpress login attempts	Brute-Force
🇲🇽 octageeks.com	2026-06-21 04:17:02 (2 days ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-21 03:32:15 (2 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 104.207.54.208 - - [21/Jun/2026:04:32:13 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 104.207.54.208 - - [21/Jun/2026:04:32:13 +0100] POST /wp-login.php HTTP/1.1 301 3362 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15 show less	Web App Attack
🇩🇪 4server	2026-06-20 10:09:49 (3 days ago)	[SatJun2012:09:45.5199452026][security2:error][pid2406918:tid2406991][client104.207.54.208:0]ModSecu ... show more [SatJun2012:09:45.5199452026][security2:error][pid2406918:tid2406991][client104.207.54.208:0]ModSecurity:Accessdeniedwithcode403$phase2$.OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded$TotalScore:5$\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"your-team.ch\"][uri\"/wp-login.php\"][unique_id\"ajZm6Y5-1gPvLRbirtAJ-QAAAIw\"]\,referer:https://your-team.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
🇲🇹 Malta	2026-06-16 23:14:16 (6 days ago)	104.207.54.208 - - [17/Jun/2026:01:14:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ... show more 104.207.54.208 - - [17/Jun/2026:01:14:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇬🇧 poundawebsiteltd	2026-06-16 18:57:03 (1 week ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 104.207.54.208 - - [16/Jun/2026:19:56:56 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 104.207.54.208 - - [16/Jun/2026:19:56:56 +0100] POST /wp-login.php HTTP/1.1 200 6764 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0 show less	Web App Attack
🇬🇷 setupgr	2026-06-15 16:51:24 (1 week ago)	(mod_security) mod_security (id:900001) triggered by 104.207.54.208: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:900001) triggered by 104.207.54.208: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 19:51:23.714005 2026] [security2:error] [pid 1917021:tid 1917227] [client 104.207.54.208:60305] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: setworldup.com"] [severity "CRITICAL"] [tag "security"] [hostname "setworldup.com"] [uri "/wp-login.php"] [unique_id "ajAtiw799xbSHUG5HIrXmwAAANI"], referer: https://setworldup.com/wp-login.php show less	Port Scan
Anonymous	2026-06-14 09:04:53 (1 week ago)	WordPress Brute Force	Brute-Force
Anonymous	2026-06-13 12:41:48 (1 week ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-13 07:35:51 (1 week ago)	[ns41.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wi ... show more [ns41.kdns.gr] httpd-login-spray-site: sites=global; logs=/var/log/httpd/access_log; samples=site_wide=true \| distinct_ips=26 \| /wp-login.php show less	Hacking Web App Attack
🇬🇧 spamverify.com	2026-06-12 04:11:01 (1 week ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-06-12 02:34:15 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.73.27.245

🇨🇳 223.73.18.204

🇺🇸 147.185.132.118

🇭🇰 121.202.198.98

🇷🇺 95.105.52.153

🇫🇷 91.231.89.212

🇺🇸 23.21.250.48

🇺🇸 13.219.221.228

🇺🇸 216.73.217.175

🇦🇺 203.185.198.246

🇺🇸 173.255.210.89

🇻🇳 152.32.163.183

🇺🇸 136.117.75.57

🇺🇸 68.71.245.206

🇨🇳 60.188.58.133

🇸🇮 31.57.184.232

🇺🇸 16.148.32.197

🇨🇳 218.207.25.249

🇹🇼 198.235.24.114

🇺🇸 162.216.150.192