JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.216

104.207.54.216 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 13%: ?

13%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.216

Whois 104.207.54.216

IP Abuse Reports for 104.207.54.216:

This IP address has been reported a total of 139 times from 19 distinct sources. 104.207.54.216 was first reported on June 7th 2024, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 01:13:13 (20 hours ago)	Web App Attack	Web App Attack
🇸🇮 administrator	2026-06-02 22:17:06 (2 weeks ago)	2026-06-02 00:09:29,118 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.54.216 2 ... show more 2026-06-02 00:09:29,118 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.54.216 2026-06-02 00:09:29,118 fail2ban.actions [1162]: NOTICE [ninjafirewall] Ban 104.207.54.216 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇸🇮 administrator	2026-05-04 16:41:56 (1 month ago)	2026-04-18 04:09:29,732 fail2ban.actions [1195]: NOTICE [ninjafirewall] Ban 104.207.54.216 2 ... show more 2026-04-18 04:09:29,732 fail2ban.actions [1195]: NOTICE [ninjafirewall] Ban 104.207.54.216 2026-04-19 17:31:35,684 fail2ban.actions [1048]: NOTICE [ninjafirewall] Ban 104.207.54.216 2026-04-18 04:09:29,732 fail2ban.actions [1195]: NOTICE [ninjafirewall] Ban 104.207.54.216 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-03-05 12:58:04 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-58.104.207.54.216.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 14-58.104.207.54.216.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2025-12-21 20:57:56 (5 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.12.21 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 22:46:25 (5 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-02 20:26:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 15:26:39.353754 2025] [security2:error] [pid 10443:tid 10443] [client 104.207.54.216:38871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pericles21.com"] [uri "/.svn/wc.db"] [unique_id "aS9Lfy-dC6gPT-P_vdd8ZAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:50:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:50:39.519128 2025] [security2:error] [pid 12732:tid 12732] [client 104.207.54.216:55435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxwetworld.com"] [uri "/.svn/wc.db"] [unique_id "aS5-L4Lvm3Sott6C_HChlAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:12:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:12:20.450610 2025] [security2:error] [pid 29638:tid 29638] [client 104.207.54.216:31373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terrorismbook.com"] [uri "/.git/HEAD"] [unique_id "aS51NNAXOUk5YNXP0U7L_QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 madeit	2025-11-27 12:21:14 (6 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2025-04-08 21:22:52 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.54.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 17:22:47.017718 2025] [security2:error] [pid 29416:tid 29416] [client 104.207.54.216:51641] [client 104.207.54.216] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vjrott.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vjrott.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_WTp4a_dd_okWwhCx33EgAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 07:01:31 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 22:58:26 (1 year ago)	Attempted brute force login to web vpn 8 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 8 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 15:40:15 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 05:12:05 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇨🇳 42.231.96.48

🇫🇷 2a01:e0a:cd:2230:618d:139e:9334:934d

🇵🇰 223.123.38.122

🇨🇱 200.111.92.9

🇮🇳 182.95.52.122

🇸🇦 154.205.134.214

🇺🇸 147.185.132.33

🇺🇸 147.185.132.27

🇨🇳 124.91.148.90

🇨🇭 104.244.74.84

🇨🇦 89.251.0.169

🇹🇷 85.105.2.51

🇮🇳 47.11.119.170

🇩🇪 45.199.196.36

🇸🇳 41.208.174.249

🇨🇳 39.185.50.192

🇺🇸 2607:f8b0:4001:c24::121

🇨🇴 186.102.50.220

🇦🇺 147.10.164.195