JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.212

104.207.54.212 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.212

Whois 104.207.54.212

IP Abuse Reports for 104.207.54.212:

This IP address has been reported a total of 138 times from 20 distinct sources. 104.207.54.212 was first reported on June 6th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-01-07 16:59:53 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 11:59:45.010447 2026] [security2:error] [pid 28255:tid 28255] [client 104.207.54.212:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sportsbookcommission.com"] [uri "/.svn/wc.db"] [unique_id "aV6RASQQ_brNTMTIdkPNXwAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-01-03 00:12:11 (5 months ago)	.env scanning [BY]	Web App Attack
🇪🇸 librebit	2025-12-30 06:20:29 (5 months ago)	Brute force	Brute-Force
🇺🇸 TPI-Abuse	2025-12-29 04:33:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:33:20.886707 2025] [security2:error] [pid 1194:tid 1194] [client 104.207.54.212:49999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kwtlaw.com"] [uri "/.env"] [unique_id "aVIEkFpWMQV-RqUSpu-IyAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-24 03:55:49 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-02 15:54:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:54:27.995873 2025] [security2:error] [pid 19919:tid 19935] [client 104.207.54.212:28457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rbarw.com"] [uri "/.git/HEAD"] [unique_id "aS8Ls6rObzZVY1rRU6QyDgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:12:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:12:20.523998 2025] [security2:error] [pid 31047:tid 31047] [client 104.207.54.212:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perl-photo.com"] [uri "/.git/HEAD"] [unique_id "aS8B1A2G1OvN6CTdVtHg6QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:18:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:18:12.289819 2025] [security2:error] [pid 12682:tid 12682] [client 104.207.54.212:16573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeongames.com"] [uri "/.svn/wc.db"] [unique_id "aS52lJS8Q1vQ4YxVLjj4xQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 02:03:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 21:03:26.540194 2025] [security2:error] [pid 14486:tid 14486] [client 104.207.54.212:48747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inwriting.buzz"] [uri "/.git/HEAD"] [unique_id "aS5I7tOR7LcmZN88QKStvAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 00:35:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 19:35:29.421866 2025] [security2:error] [pid 1593:tid 1616] [client 104.207.54.212:43753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trulyoriginalpurpleoctopus.art"] [uri "/.svn/wc.db"] [unique_id "aS40UTHZSzFK0PbwTkDCEQAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:51:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:51:46.020536 2025] [security2:error] [pid 2441488:tid 2441488] [client 104.207.54.212:56959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.serbruyns.com"] [uri "/.svn/wc.db"] [unique_id "aSaVcu93LhQFjL6OK8ulHAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 04:25:44 (6 months ago)	Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing ... show more Attempted access to sensitive endpoint (/.git/HEAD) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 xmission.com	2025-11-25 07:38:03 (7 months ago)	Blocked by UFW (TCP on 80) Source port: 9025 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 1 ... show more Blocked by UFW (TCP on 80) Source port: 9025 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 104.207.54.212) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:02:33 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:02:30.174976 2025] [security2:error] [pid 19306:tid 19306] [client 104.207.54.212:34317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.trixieotoole.com"] [uri "/.env"] [unique_id "aSU4ZmegkmfmnO6hgH4mQwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 35.203.211.216

🇺🇸 192.3.134.24

🇸🇬 185.200.116.35

🇳🇱 176.65.139.181

🇩🇪 154.196.81.237

🇫🇮 147.185.133.44

🇧🇷 143.202.104.13

🇭🇰 143.92.38.226

🇳🇱 45.148.10.152

🇺🇸 20.168.121.119

🇻🇳 14.191.151.237

🇺🇸 209.38.75.213

🇺🇸 205.210.31.37

🇺🇸 205.210.31.23

🇦🇷 200.50.155.91

🇬🇧 198.244.226.86

🇺🇸 147.185.132.85

🇺🇸 97.128.100.20

🇳🇱 91.92.40.24

🇨🇦 70.54.182.130