JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.245

104.207.54.245 was found in our database!

This IP was reported 156 times. Confidence of Abuse is 10%: ?

10%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.245

Whois 104.207.54.245

IP Abuse Reports for 104.207.54.245:

This IP address has been reported a total of 156 times from 19 distinct sources. 104.207.54.245 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 [email protected]	2026-06-08 17:58:02 (1 week ago)		Brute-Force
🇮🇹 [email protected]	2026-06-03 22:24:27 (1 week ago)	[Thu Jun 04 00:24:27.607707 2026] [authz_core:error] [pid 110150:tid 110253] [client 104.207.54.245: ... show more [Thu Jun 04 00:24:27.607707 2026] [authz_core:error] [pid 110150:tid 110253] [client 104.207.54.245:53981] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/xmlrpc.php show less	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2026-05-13 01:54:39 (1 month ago)	ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.54.245 ... show more ThreatBook Intelligence: http_proxy,Gateway more details on https://threatbook.io/ip/104.207.54.245 2026-05-12 16:48:40 / 2026-05-12 16:26:29 / 2026-05-12 16:24:16 / 2026-05-12 16:48:34 / show less	Web App Attack
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 04:44:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 23:44:28.246920 2026] [security2:error] [pid 12911:tid 12914] [client 104.207.54.245:48253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "saskiarose.m3sxa.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aWnCLAOSVYmv-RiuSEqsIQAAAIA"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-12-29 11:01:28 (5 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇨🇦 SSH-Admin	2025-12-27 22:05:38 (5 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇮🇹 VHosting	2025-12-23 11:24:10 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-02 22:58:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:58:00.066334 2025] [security2:error] [pid 10692:tid 10692] [client 104.207.54.245:19107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title40.com"] [uri "/.svn/wc.db"] [unique_id "aS9u-ETBJCq7TQINZtSYCQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 15:48:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:48:10.519355 2025] [security2:error] [pid 23011:tid 23011] [client 104.207.54.245:58169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christmascardstropical.com"] [uri "/.svn/wc.db"] [unique_id "aS8KOna2DiFLjOHCN-Sw0AAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 07:10:29 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 02:10:22.829344 2025] [security2:error] [pid 25859:tid 25859] [client 104.207.54.245:12049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ps-omega.com"] [uri "/.env"] [unique_id "aS6Q3rInzJEEby4JyDuztwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:50:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:50:28.571727 2025] [security2:error] [pid 30198:tid 30198] [client 104.207.54.245:51833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "callbobh.com"] [uri "/.env"] [unique_id "aS5wFC1MsLnHOdg4exDghAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 01:22:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 20:22:04.225451 2025] [security2:error] [pid 6413:tid 6413] [client 104.207.54.245:34047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tckgbookkeeping.biz"] [uri "/.git/HEAD"] [unique_id "aS4_PG3A2Koqk7kmTCYlzAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-02 00:51:31 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 21:54:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:54:48.675067 2025] [security2:error] [pid 17759:tid 17759] [client 104.207.54.245:52665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalsolutions.technology"] [uri "/.svn/wc.db"] [unique_id "aSjIqGsvXkc1XTFxhvE-QAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 156 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.116.237.163

🇧🇷 179.234.246.85

🇳🇱 103.229.81.178

🇵🇱 87.251.64.155

🇯🇵 82.29.38.6

🇸🇬 23.94.192.53

🇮🇩 2406:da19:cdc:7800:418a:db75:9f9f:cabe

🇯🇵 212.32.76.66

🇪🇹 196.189.98.77

🇳🇱 185.226.197.62

🇫🇮 147.185.133.9

🇨🇭 104.244.79.113

🇺🇸 66.132.224.89

🇺🇸 44.244.251.147

🇨🇳 36.139.173.163

🇺🇸 2607:ff10:c8:594::7

🇺🇸 205.210.31.66

🇷🇴 193.46.255.86

🇺🇸 159.203.83.195

🇺🇸 52.167.144.194