JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.217

104.207.54.217 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.217

Whois 104.207.54.217

IP Abuse Reports for 104.207.54.217:

This IP address has been reported a total of 131 times from 15 distinct sources. 104.207.54.217 was first reported on June 19th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Savvii	2026-05-06 00:10:33 (1 month ago)	20 attempts against mh-misbehave-ban on acorn	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-02-25 01:10:21 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-12 00:19:36 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 19:19:31.379696 2026] [security2:error] [pid 32338:tid 32338] [client 104.207.54.217:41937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "armandselmwoodpark.com"] [uri "/config/.env"] [unique_id "aY0ck5mdqv3_i6jPKqxESwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:28:10 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:28:06.476031 2026] [security2:error] [pid 25970:tid 25970] [client 104.207.54.217:44237] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konar-steenberg.com"] [uri "/admin/.env"] [unique_id "aYrP9r4WvdOuooBjqn3lywAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:47:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:47:43.155327 2026] [security2:error] [pid 19707:tid 19707] [client 104.207.54.217:36333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mahtani.org"] [uri "/frontend/.env"] [unique_id "aYrGf0xNu36J2DRE0QI46wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 20:06:29 (4 months ago)	Blocking for trying to access an exploit file: /.aws/credentials	Hacking
🇺🇸 TPI-Abuse	2026-02-09 19:45:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:45:24.361099 2026] [security2:error] [pid 26324:tid 26324] [client 104.207.54.217:22941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homebuyerpros.com"] [uri "/v2/.git/config"] [unique_id "aYo5VOfaYQYdVyEQvJ5tTQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-01-14 06:05:38 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-01-05 20:32:16 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-04 16:03:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 11:03:39.276907 2025] [security2:error] [pid 30141:tid 30194] [client 104.207.54.217:40281] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daydreambeliever.us"] [uri "/.env"] [unique_id "aTGw2xPaLXg88BApdZNxxQAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:59:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:58:54.234497 2025] [security2:error] [pid 27688:tid 27688] [client 104.207.54.217:17877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gisur.com"] [uri "/.svn/wc.db"] [unique_id "aS9E_oCBq7_EqKQ7xjuFLgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 19:41:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:41:01.596803 2025] [security2:error] [pid 15493:tid 15493] [client 104.207.54.217:58009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "floridausa.com"] [uri "/.git/HEAD"] [unique_id "aS9AzdFlMRuRnKYVTZJTCAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 18:59:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:59:14.805748 2025] [security2:error] [pid 2987:tid 2987] [client 104.207.54.217:29501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airei.com"] [uri "/.svn/wc.db"] [unique_id "aS83Ar6D4NgFryB9J4Q7fgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 16:29:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 11:29:27.429085 2025] [security2:error] [pid 12545:tid 12545] [client 104.207.54.217:60539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phoboschildren.com"] [uri "/.git/HEAD"] [unique_id "aS8T59pSNyWzMr6S_E_ztgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 06:40:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 01:40:24.008867 2025] [security2:error] [pid 7662:tid 7662] [client 104.207.54.217:32703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grsquared.com"] [uri "/.svn/wc.db"] [unique_id "aS6J2NSf-T5e_EHhx2iNngAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 175.192.28.125

🇺🇸 104.243.35.45

🇮🇳 103.194.243.199

🇺🇸 65.49.1.96

🇧🇷 45.4.179.2

🇺🇸 20.169.85.177

🇺🇸 205.169.39.214

🇳🇱 193.176.31.207

🇨🇳 123.144.29.19

🇳🇱 20.31.232.59

🇨🇳 8.148.13.136

🇬🇧 2.124.204.245

🇺🇸 2604:a940:300:5b6:0:22::

🇬🇧 217.154.45.93

🇰🇷 211.254.212.59

🇹🇼 211.72.129.212

🇺🇸 159.89.86.121

🇮🇳 136.232.11.10

🇨🇳 116.62.242.59

🇸🇬 101.47.8.188