JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.76

104.207.54.76 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.76

Whois 104.207.54.76

IP Abuse Reports for 104.207.54.76:

This IP address has been reported a total of 130 times from 13 distinct sources. 104.207.54.76 was first reported on June 18th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-02-18 04:05:17 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 00:55:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:55:28.984516 2026] [security2:error] [pid 23419:tid 23419] [client 104.207.54.76:27849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raaksystems.com"] [uri "/.env.save"] [unique_id "aZUOAOk1CzjpvTl2lzWsGQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 23:27:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:27:20.107477 2025] [security2:error] [pid 12796:tid 12796] [client 104.207.54.76:34565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edgewatertaxidermy.com"] [uri "/.env"] [unique_id "aVBrWJleoA_6X3FuSh3mqwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 20:54:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:54:14.615169 2025] [security2:error] [pid 6798:tid 6798] [client 104.207.54.76:52255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ashwoodsecurity.com"] [uri "/.svn/wc.db"] [unique_id "aVBHdrVZPYlS2mc65eC21wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 17:12:54 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:12:47.555700 2025] [security2:error] [pid 13761:tid 13761] [client 104.207.54.76:40859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schlegelcreative.com"] [uri "/.env"] [unique_id "aVATj_0JI7rjK1jCEybBxgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 15:54:20 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 10:54:17.433548 2025] [security2:error] [pid 31422:tid 31422] [client 104.207.54.76:55135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hydrometal-js.com"] [uri "/.env"] [unique_id "aVABKQT1f_VhRKHAAY2DLQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 12:02:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 07:02:28.721038 2025] [security2:error] [pid 27088:tid 27088] [client 104.207.54.76:57185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roigcorporativo.com"] [uri "/.svn/wc.db"] [unique_id "aTgP1NzIDE1q54l99WRV5AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 14:35:24 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 09:35:18.381590 2025] [security2:error] [pid 23660:tid 23660] [client 104.207.54.76:17507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crr-construction.com"] [uri "/.git/HEAD"] [unique_id "aTbiJhqJfOfDxBMQ6vJxLgAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 11:12:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 06:12:42.844416 2025] [security2:error] [pid 21741:tid 21741] [client 104.207.54.76:24709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darkalleyproductions.com"] [uri "/.svn/wc.db"] [unique_id "aTayqs8dV-NvazQxAvjokAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-12-05 21:18:48 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 08:29:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:29:32.998857 2025] [security2:error] [pid 25076:tid 25076] [client 104.207.54.76:28985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adonamusic.com"] [uri "/.svn/wc.db"] [unique_id "aTKX7MlN7v7ws1c-SM6alQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:27:02 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:26:58.512331 2025] [security2:error] [pid 21883:tid 21883] [client 104.207.54.76:12139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dinkusdrums.com"] [uri "/.svn/wc.db"] [unique_id "aTJ7Ml3tg4dQopZXYB0fgQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 04:43:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 23:43:13.999075 2025] [security2:error] [pid 31816:tid 31816] [client 104.207.54.76:39051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rail-town.com"] [uri "/.svn/wc.db"] [unique_id "aTJi4YV0Q2K8_fTadN-L_QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-11-11 15:53:35 (6 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-10-24 12:58:58 (7 months ago)	WP Login Scan Activities	Web App Attack

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a02:4780:3f:2073:0:149f:9f01:1

🇰🇿 178.91.234.66

🇳🇱 176.65.139.254

🇨🇳 115.190.140.249

🇨🇳 103.219.32.239

🇧🇩 103.161.69.72

🇹🇱 103.99.26.210

🇵🇱 51.77.52.6

🇧🇷 45.238.101.91

🇺🇸 198.74.50.114

🇮🇳 122.185.146.166

🇨🇳 113.248.96.240

🇩🇪 104.207.52.42

🇧🇭 84.255.184.240

🇩🇪 43.228.157.179

🇩🇿 41.103.150.68

🇨🇭 2a05:d019:906:e02:d7b9:52d7:7e2:1f24

🇳🇱 204.76.203.206

🇮🇩 202.65.231.31

🇮🇷 178.131.146.25