JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.235

104.207.54.235 was found in our database!

This IP was reported 141 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.235

Whois 104.207.54.235

IP Abuse Reports for 104.207.54.235:

This IP address has been reported a total of 141 times from 20 distinct sources. 104.207.54.235 was first reported on June 5th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 big-cloud.nl	2026-05-17 05:09:48 (3 weeks ago)	Try to access /xmlrpc.php	Web App Attack
🇩🇪 kranem	2026-02-25 06:01:33 (3 months ago)	Triggered Cloudflare WAF from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/ ... show more Triggered Cloudflare WAF from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Endpoint: /login Timestamp: 2026-02-25T04:54:14Z User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0 show less	Bad Web Bot
🇯🇵 Valhalla	2026-02-11 19:20:19 (4 months ago)	Ewww, a file system command: /.env.save	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-10 23:01:07 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-10	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-10 15:12:04 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:12:01.162680 2026] [security2:error] [pid 27204:tid 27204] [client 104.207.54.235:57307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthraxbook.com"] [uri "/app/.git/config"] [unique_id "aYtKwSNyWJ_pfgaHnlY64AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:27:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:27:44.352980 2026] [security2:error] [pid 3329:tid 3329] [client 104.207.54.235:56117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konahawaiirealty.com"] [uri "/admin/.env"] [unique_id "aYrP4GmU88yFfr1QyrMjFAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:13:09 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:13:06.876636 2026] [security2:error] [pid 888:tid 888] [client 104.207.54.235:31997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ichi51e.net"] [uri "/.env.staging"] [unique_id "aYqwUnQOlwn2OxfFxAzdaQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:37:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:37:39.528699 2026] [security2:error] [pid 3545:tid 3545] [client 104.207.54.235:64329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibcnu.com"] [uri "/.env"] [unique_id "aYqoA_zibKRZ2eNcAh952gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:52:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:52:20.971246 2026] [security2:error] [pid 3325:tid 3325] [client 104.207.54.235:59803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingdombuilderschurchmd.org"] [uri "/.env.save"] [unique_id "aYqdZLN6hClqg_VWNezHMwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:26:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:26:25.791951 2026] [security2:error] [pid 21093:tid 21093] [client 104.207.54.235:25553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khaoula.com"] [uri "/app/.git/config"] [unique_id "aYqJQXVgUSNnB64PG0i2GAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:04:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:04:32.888443 2026] [security2:error] [pid 23808:tid 23808] [client 104.207.54.235:48957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kentuckianacordcutters.com"] [uri "/.env.staging"] [unique_id "aYp2EE-_M6Zejl4VCh9P8gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:58:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:58:32.965496 2026] [security2:error] [pid 5899:tid 5903] [client 104.207.54.235:44909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kcscomputer.com"] [uri "/app/.git/config"] [unique_id "aYpmmBiTYUJElKef9bxi2wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2026-01-26 07:43:17 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
Anonymous	2026-01-20 17:31:34 (4 months ago)	wordpress-trap	Web App Attack
🇩🇪 F242	2026-01-08 09:56:01 (5 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack

Showing 1 to 15 of 141 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.48.134.186

🇮🇳 106.222.211.168

🇮🇷 80.210.138.214

🇨🇳 47.103.48.50

🇬🇧 35.203.210.192

🇿🇦 197.89.118.146

🇬🇧 185.216.145.163

🇫🇮 147.185.133.131

🇸🇬 136.110.51.66

🇨🇳 124.236.16.164

🇨🇳 117.29.104.19

🇺🇸 104.196.199.88

🇲🇲 103.59.163.132

🇧🇬 95.42.54.132

🇺🇸 65.111.3.228

🇺🇸 49.51.199.112

🇦🇺 34.116.77.46

🇮🇳 34.93.241.217

🇸🇬 2406:da18:125:f101:7326:441d:2b98:6f93

🇳🇱 158.173.3.136