JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.168

104.207.55.168 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 29%: ?

29%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.168

Whois 104.207.55.168

IP Abuse Reports for 104.207.55.168:

This IP address has been reported a total of 128 times from 18 distinct sources. 104.207.55.168 was first reported on June 20th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-17 01:49:50 (1 week ago)	Web App Attack	Web App Attack
🇲🇽 octageeks.com	2026-06-03 04:08:31 (3 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 big-cloud.nl	2026-06-02 00:16:19 (3 weeks ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-05-30 16:20:39 (3 weeks ago)	Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.	Web App Attack
🇩🇪 FeG Deutschland	2026-05-30 01:57:44 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇲🇹 Malta	2026-05-26 01:39:29 (4 weeks ago)	104.207.55.168 - - [26/May/2026:03:39:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 104.207.55.168 - - [26/May/2026:03:39:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇺🇸 TPI-Abuse	2026-02-12 04:32:24 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:32:16.399402 2026] [security2:error] [pid 2698:tid 2698] [client 104.207.55.168:57999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthynatarajan.com"] [uri "/admin/.env"] [unique_id "aY1X0DgT3ZQ_6_IGKQp4xQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 23:52:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:52:00.909048 2026] [security2:error] [pid 26539:tid 26539] [client 104.207.55.168:29085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arkml.com"] [uri "/wp/.git/config"] [unique_id "aY0WIOGBCBC3Cf5MdJKLPQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-10 22:28:20 (4 months ago)	Try to access /frontend/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:25:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:25:02.829020 2026] [security2:error] [pid 28859:tid 28859] [client 104.207.55.168:13997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbyimc.com"] [uri "/site/.git/config"] [unique_id "aYqlDhXSGa5518qGD477ugAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 00:46:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 19:46:51.892915 2026] [security2:error] [pid 2616081:tid 2616081] [client 104.207.55.168:28703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/.env"] [unique_id "aYp_-3NujYqOt7C2txXFbwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:46:56 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:46:52.009757 2026] [security2:error] [pid 8221:tid 8230] [client 104.207.55.168:10867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honorac.com"] [uri "/site/.git/config"] [unique_id "aYpHvMfitxoJcbezxZkg5wAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:38 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇺🇸 Rip	2025-11-02 12:36:35 (7 months ago)	Authentication attack attempt. CMS Brute Force - Access Forbidden	Brute-Force Web App Attack

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.138.194.82

🇰🇷 112.184.12.214

🇵🇸 82.102.205.178

🇺🇸 216.180.246.122

🇷🇺 213.180.203.186

🇵🇱 188.213.212.204

🇸🇬 172.104.186.150

🇺🇸 167.71.24.81

🇻🇳 160.191.242.222

🇻🇳 113.161.189.102

🇨🇳 111.53.8.101

🇻🇳 103.161.170.12

🇫🇷 51.159.149.103

🇪🇬 41.128.181.196

🇳🇱 188.166.86.56

🇺🇸 165.154.255.26

🇻🇳 115.78.9.138

🇺🇸 104.238.222.26

🇮🇳 103.171.195.22

🇬🇧 89.37.172.147