JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.240

104.207.54.240 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.240

Whois 104.207.54.240

IP Abuse Reports for 104.207.54.240:

This IP address has been reported a total of 131 times from 16 distinct sources. 104.207.54.240 was first reported on June 8th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-01-10 22:05:29 (4 months ago)	wordpress-trap	Web App Attack
🇮🇹 VHosting	2025-12-23 18:10:28 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 Psycho Solutions LLC	2025-12-14 08:10:40 (5 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 12/14/2025 8:10 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 TPI-Abuse	2025-11-26 09:35:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 04:34:56.860243 2025] [security2:error] [pid 32083:tid 32088] [client 104.207.54.240:51853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.bestthingieveratelocations.com"] [uri "/.git/HEAD"] [unique_id "aSbJwEswSQfOe5OvGk0j_gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 06:14:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:14:47.172827 2025] [security2:error] [pid 3738:tid 3738] [client 104.207.54.240:10119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lynellejonsson.com"] [uri "/.svn/wc.db"] [unique_id "aSaa175wJ1jdyLqi7XGvGQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:30:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:30:21.920837 2025] [security2:error] [pid 13069:tid 13069] [client 104.207.54.240:11145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.vincenzorusso.com"] [uri "/.svn/wc.db"] [unique_id "aSZYLYQvkI75Ng-rpjf-OwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:07:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:07:29.994458 2025] [security2:error] [pid 1816811:tid 1816952] [client 104.207.54.240:37443] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.certifiedebusinessconsultant.com"] [uri "/.svn/wc.db"] [unique_id "aSU5ke3xOpFSh0Wflct4twAAAEk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:30:00 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:29:56.570722 2025] [security2:error] [pid 32395:tid 32395] [client 104.207.54.240:45963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.atidysort.com"] [uri "/.svn/wc.db"] [unique_id "aSQllOcEjHparq0Rdk49-AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:43:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:42:59.876929 2025] [security2:error] [pid 17227:tid 17227] [client 104.207.54.240:30473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ericeschenbach.com"] [uri "/.env"] [unique_id "aSQak56aqKDm3BwmiRm8uAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:33:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:33:22.066492 2025] [security2:error] [pid 10696:tid 10828] [client 104.207.54.240:17591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hkpipeline1.xyz"] [uri "/.svn/wc.db"] [unique_id "aSQKQiJafRnFKTiRlopV5AAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:47:47 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:47:42.839969 2025] [security2:error] [pid 5103:tid 5148] [client 104.207.54.240:42925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ainavelas.com"] [uri "/.env"] [unique_id "aSPxflz8f4PiRLoPAIGwIgAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-11-20 02:15:18 (6 months ago)	(From [email protected]) Are you searching for a job that can be done right away? If so ... show more (From [email protected]) Are you searching for a job that can be done right away? If so, countless businesses are hiring website chat support agents - no experience is needed, as full training will be provided. Click here to complete your application if you are interested. -----> THEmoneyfromhome.com show less	Phishing Web Spam
🇺🇸 Psycho Solutions LLC	2025-11-16 06:18:29 (6 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 11/16/2025 6:18 am (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.59

🇨🇳 120.230.14.17

🇺🇸 50.87.144.110

🇸🇬 47.84.186.19

🇨🇦 15.235.27.170

🇨🇳 14.103.107.31

🇺🇸 2607:f8b0:400e:c0c::12c

🇷🇴 193.46.255.86

🇳🇱 45.148.10.121

🇳🇱 45.142.193.27

🇺🇸 3.216.13.10

🇧🇪 178.51.44.245

🇺🇸 162.217.163.102

🇺🇸 146.190.213.12

🇨🇳 121.11.96.13

🇲🇦 105.154.199.219

🇫🇷 91.231.89.180

🇦🇹 83.175.70.44

🇷🇴 80.94.92.156

🇺🇸 68.183.129.226