JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.248

104.207.54.248 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.248

Whois 104.207.54.248

IP Abuse Reports for 104.207.54.248:

This IP address has been reported a total of 130 times from 14 distinct sources. 104.207.54.248 was first reported on June 4th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 cmbplf	2026-05-07 04:29:52 (1 month ago)	606 requests with url.path *.env	Brute-Force Bad Web Bot
Anonymous	2026-04-02 17:36:34 (2 months ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2025-11-26 23:45:54 (6 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.11.26 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.11.26 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 12:16:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:16:00.914969 2025] [security2:error] [pid 22443:tid 22443] [client 104.207.54.248:26163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "htu.wholesalelivelobsters.com"] [uri "/.git/HEAD"] [unique_id "aSbvgDB_vZgFVwA9t-rOoQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:23:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:23:50.799176 2025] [security2:error] [pid 2360:tid 2360] [client 104.207.54.248:41177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stucohen.com"] [uri "/.svn/wc.db"] [unique_id "aSa5Fvs16LK2n-_iO_FmVAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:37:49 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:37:41.299916 2025] [security2:error] [pid 2450:tid 2450] [client 104.207.54.248:12267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.franklincountyquilters.org"] [uri "/.env"] [unique_id "aSaSJWDktEhM9DIjZ-yiVgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:15:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:15:10.296959 2025] [security2:error] [pid 4295:tid 4295] [client 104.207.54.248:46401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lsippell.com"] [uri "/.git/HEAD"] [unique_id "aSQiHroFeOlLYYDRAgRMKQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:41:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:41:49.841118 2025] [security2:error] [pid 19941:tid 19941] [client 104.207.54.248:16167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.isaacrivas.com"] [uri "/.git/HEAD"] [unique_id "aSQaTRgDpPZgLAFyUc413wAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:14:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:13:22.734793 2025] [security2:error] [pid 5147:tid 5147] [client 104.207.54.248:53887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.orientaltb.com"] [uri "/.env"] [unique_id "aSQTomY0OIzcxuM2ShUvdQAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 19:48:24 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 14:48:17.847779 2025] [security2:error] [pid 12272:tid 12272] [client 104.207.54.248:42119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cathayan.abecasis.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRTkgZJTrot071BLwTj0ogAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 urnilxfgbez	2025-10-15 22:45:00 (7 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2025-04-06 21:48:26 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 23:35:53 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 21:38:55 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-03 23:16:58 (1 year ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.03 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.03 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:6c73:b001

🇵🇪 190.223.60.209

🇨🇳 175.178.71.217

🇲🇩 109.185.157.83

🇫🇷 91.231.89.247

🇺🇸 74.209.100.246

🇧🇷 45.4.179.3

🇺🇸 43.173.69.147

🇺🇸 40.124.175.251

🇧🇷 191.7.26.153

🇵🇦 190.218.166.45

🇧🇷 190.115.84.25

🇬🇧 159.26.106.169

🇮🇳 103.211.171.44

🇸🇦 85.194.68.117

🇺🇸 74.196.34.137

🇨🇦 15.235.27.22

🇳🇱 2a0b:8bc0:2:56a8::1

🇺🇸 216.73.161.215

🇱🇧 185.99.32.195