JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.67

104.207.54.67 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 11%: ?

11%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.67

Whois 104.207.54.67

IP Abuse Reports for 104.207.54.67:

This IP address has been reported a total of 126 times from 11 distinct sources. 104.207.54.67 was first reported on June 7th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 thetomtaylor.co.uk	2026-06-04 19:08:02 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 Blexyel	2026-06-03 18:40:44 (2 weeks ago)	104.207.54.67 - - [03/Jun/2026:20:40:43 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 ... show more 104.207.54.67 - - [03/Jun/2026:20:40:43 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" ... show less	Brute-Force Web App Attack
🇮🇹 VHosting	2026-03-11 13:03:11 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-03-04 05:15:07 (3 months ago)	XMLRPC BRUTEFORCE - HTTP (Request)	Hacking
Anonymous	2025-12-21 23:39:49 (5 months ago)	Attempted brute force login to web vpn 216 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 216 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 21:44:28 (5 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.12.19 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-01 23:39:50 (6 months ago)	Attempted brute force login to web vpn 955 time(s); last attempt for 2025.12.01 is noted in report t ... show more Attempted brute force login to web vpn 955 time(s); last attempt for 2025.12.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-30 23:34:06 (6 months ago)	Attempted brute force login to web vpn 976 time(s); last attempt for 2025.11.30 is noted in report t ... show more Attempted brute force login to web vpn 976 time(s); last attempt for 2025.11.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-27 23:14:36 (6 months ago)	Attempted brute force login to web vpn 2533 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 2533 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 09:49:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:49:29.142807 2025] [security2:error] [pid 27436:tid 27472] [client 104.207.54.67:23997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bortec-corp.com"] [uri "/.env"] [unique_id "aSQqKS11ccQ7B_U6FGSWEQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:12:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:12:44.549460 2025] [security2:error] [pid 31122:tid 31122] [client 104.207.54.67:58215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bioemperor.com"] [uri "/.env"] [unique_id "aSQhjKwSPMnC5QUIjck0bQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:21:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:21:21.560193 2025] [security2:error] [pid 18193:tid 18277] [client 104.207.54.67:13301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.koublacat.com"] [uri "/.git/HEAD"] [unique_id "aSP5YZqABul9tZzps9kqiwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:59:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:33.395464 2025] [security2:error] [pid 4723:tid 4723] [client 104.207.54.67:32451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.orleansdartclub.com"] [uri "/.env"] [unique_id "aSPmNXtII0Ejwe6YQR7NXgAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 23:40:52 (7 months ago)	Attempted brute force login to web vpn 413 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 413 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-16 02:58:03 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 21:57:58.309606 2025] [security2:error] [pid 30226:tid 30226] [client 104.207.54.67:17263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.aboutahome.net"] [uri "/.env"] [unique_id "aRk9tgstRGjNlls-IXdrxgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 125.124.226.217

🇺🇸 103.143.238.100

🇸🇪 83.233.149.204

🇺🇸 195.184.76.219

🇺🇸 167.99.4.252

🇨🇳 121.229.156.17

🇨🇳 101.126.17.72

🇱🇹 62.60.130.14

🇧🇷 45.231.116.119

🇺🇸 18.191.153.65

🇮🇹 4.232.80.255

🇧🇷 206.42.8.243

🇸🇬 202.70.132.154

🇦🇷 190.16.62.230

🇳🇱 176.65.148.229

🇩🇪 167.94.145.24

🇸🇳 41.82.50.218

🇧🇷 2804:d55:47e2:c100:fcfb:fa72:e817:34f5

🇳🇱 195.178.110.188

🇨🇴 181.51.32.39