JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.175

104.207.55.175 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 12%: ?

12%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.175

Whois 104.207.55.175

IP Abuse Reports for 104.207.55.175:

This IP address has been reported a total of 148 times from 21 distinct sources. 104.207.55.175 was first reported on June 6th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-05-22 20:05:06 (1 month ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇳🇱 MatStef132	2026-05-19 20:21:34 (1 month ago)	MatShield L7: blocked on chat.justchat.icu (ua-quarantined)	Bad Web Bot
🇫🇷 MatStef132	2026-05-15 15:39:09 (1 month ago)	MatShield L7 blocked request to mathost.eu for reason ua-q	DDoS Attack Bad Web Bot Web App Attack
🇫🇷 MatStef132	2026-05-14 21:32:38 (1 month ago)	[mathost.eu] clic	DDoS Attack Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-04-28 15:44:20 (1 month ago)	Cloudflare WAF: Request Path: /123456 Request Query: ?gclid=VtApo3kDx1cSx Host: elhacker.net userAge ... show more Cloudflare WAF: Request Path: /123456 Request Query: ?gclid=VtApo3kDx1cSx Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: 3xK Tech GmbH Country: DE Method: GET Timestamp: 2026-04-28T15:44:20Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 12:10:32 (4 months ago)	Try to access /config/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:56:42 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:56:39.343509 2026] [security2:error] [pid 12821:tid 12821] [client 104.207.55.175:46813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omintara.com"] [uri "/wp/.git/config"] [unique_id "aZFgF_h3yzxA6f8iaP9yAAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-15 05:52:43 (4 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.55.175 (DE/Germany/-)	SQL Injection
🇬🇧 poundawebsiteltd	2026-02-15 05:23:23 (4 months ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 104.207.55.175 - - [15/Feb/2026: ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 104.207.55.175 - - [15/Feb/2026:05:23:21 +0000] GET /config/.env HTTP/1.1 403 235 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:05:11 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:05:05.262605 2026] [security2:error] [pid 4758:tid 4758] [client 104.207.55.175:45983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prezence.com"] [uri "/admin/.git/config"] [unique_id "aZFUAajB2Xwhgsso1Ws4GQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 04:13:33 (4 months ago)	(modsecurity) srv102 ModSecurity 104.207.55.175 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; D ... show more (modsecurity) srv102 ModSecurity 104.207.55.175 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 mnsf	2026-02-15 04:05:43 (4 months ago)	Too many Status 40X (11) Scanning/Probing (11)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:00:21 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:00:15.930685 2026] [security2:error] [pid 14724:tid 14724] [client 104.207.55.175:30953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "potamus.net"] [uri "/backup/.git/config"] [unique_id "aZFEzxYHowixyaMGjx4rPQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:31:28 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:31:22.860635 2026] [security2:error] [pid 2426646:tid 2426646] [client 104.207.55.175:39627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nolagardenmarket.com"] [uri "/.env.save"] [unique_id "aZE-CiWaUcel3nPndIXMQgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:13:49 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:13:46.977505 2026] [security2:error] [pid 18768:tid 18768] [client 104.207.55.175:37881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polishedspaservices.com"] [uri "/.env"] [unique_id "aZE56jvXfCmx6mqNjIYOVAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 209.38.120.71

🇹🇭 202.183.141.189

🇧🇼 168.167.228.123

🇨🇴 161.18.234.168

🇿🇦 102.66.181.242

🇳🇱 91.92.40.240

🇨🇦 85.217.149.71

🇸🇬 43.128.81.242

🇧🇪 198.235.24.231

🇺🇸 172.184.219.219

🇸🇬 158.178.228.72

🇨🇳 119.45.119.171

🇺🇸 66.93.12.77

🇸🇬 62.146.232.73

🇦🇺 34.40.145.110

🇩🇪 213.209.159.227

🇺🇸 195.184.76.90

🇧🇴 186.121.222.66

🇦🇷 181.165.59.13

🇺🇸 147.185.132.139