JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.223

104.207.54.223 was found in our database!

This IP was reported 143 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.223

Whois 104.207.54.223

IP Abuse Reports for 104.207.54.223:

This IP address has been reported a total of 143 times from 19 distinct sources. 104.207.54.223 was first reported on June 21st 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-05-06 13:23:03 (1 month ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇹🇷 Detmach	2026-04-09 11:42:39 (2 months ago)	Security attack detected. Multiple failed attempts from 104.207.54.223. IP banned for 1440 minutes a ... show more Security attack detected. Multiple failed attempts from 104.207.54.223. IP banned for 1440 minutes at 9.04.2026 14:41:57. Failed attempts: 1 show less	Brute-Force
🇮🇹 VHosting	2025-12-24 08:25:15 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-09 18:33:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 13:33:45.436574 2025] [security2:error] [pid 9222:tid 9222] [client 104.207.54.223:47953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthynatarajan.com"] [uri "/.git/HEAD"] [unique_id "aThriePSBxf86t6-RSGqsQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-08 04:39:36 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-07 23:19:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:18:54.837900 2025] [security2:error] [pid 29185:tid 29206] [client 104.207.54.223:54479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "petsentiments.com"] [uri "/.env"] [unique_id "aTYLXl5uOw4Rt_ZAP1EuGQAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 13:05:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 08:05:24.997762 2025] [security2:error] [pid 15922:tid 15922] [client 104.207.54.223:38421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "healthmarkcounseling.com"] [uri "/.git/HEAD"] [unique_id "aTLYlHNxvjRNJBhMOfO9aQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 10:08:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 05:08:21.237424 2025] [security2:error] [pid 26649:tid 26649] [client 104.207.54.223:56565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bloodtestinchicago.com"] [uri "/.env"] [unique_id "aTKvFTS3ftFKI48G4wdhgQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:50:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:50:15.337046 2025] [security2:error] [pid 31480:tid 31480] [client 104.207.54.223:19059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nancybarrera.com"] [uri "/.git/HEAD"] [unique_id "aTKq1-pE5-pcqUHs59zO6QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:22:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:22:24.387378 2025] [security2:error] [pid 29700:tid 29700] [client 104.207.54.223:23173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.davisllp.com"] [uri "/.git/HEAD"] [unique_id "aSUvANARfWuGxXkS8AAuigAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:54:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:54:40.175793 2025] [security2:error] [pid 29157:tid 29157] [client 104.207.54.223:52577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.arcbridge.com"] [uri "/.env"] [unique_id "aSUacNZeglZaT-wJW8GNmAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:28:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:27:55.201705 2025] [security2:error] [pid 12274:tid 12274] [client 104.207.54.223:50747] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.billystuff.net"] [uri "/.env"] [unique_id "aSUUKyqAngDyI5layhyxUwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:44:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:44:14.652165 2025] [security2:error] [pid 12722:tid 12722] [client 104.207.54.223:43315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nsdorganogram.org"] [uri "/.git/HEAD"] [unique_id "aST73lxtxspsFckxAXV3NwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:38:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:38:49.231585 2025] [security2:error] [pid 16464:tid 16598] [client 104.207.54.223:28305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.stateabbreviationlist.com"] [uri "/.svn/wc.db"] [unique_id "aSQnqet9535l6Z-c96sJ0AAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:42:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:42:50.183852 2025] [security2:error] [pid 16429:tid 16429] [client 104.207.54.223:17941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.swelpix.com"] [uri "/.git/HEAD"] [unique_id "aSQaipAwcIct58VeggT8TwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 143 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.58.173.254

🇨🇦 85.217.149.9

🇺🇸 64.62.197.31

🇳🇱 45.148.10.141

🇨🇱 34.176.4.51

🇦🇿 31.171.125.179

🇩🇪 151.241.44.29

🇮🇹 151.19.38.192

🇨🇳 119.36.193.230

🇮🇳 103.162.65.195

🇫🇷 91.231.89.75

🇨🇦 85.217.149.62

🇫🇷 85.217.140.43

🇺🇸 65.49.20.106

🇨🇳 42.224.179.231

🇻🇪 201.249.205.94

🇳🇱 195.178.110.30

🇻🇳 171.231.184.87

🇩🇪 118.193.59.142

🇫🇷 91.231.89.73