JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.196

104.207.55.196 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 14%: ?

14%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.196

Whois 104.207.55.196

IP Abuse Reports for 104.207.55.196:

This IP address has been reported a total of 120 times from 14 distinct sources. 104.207.55.196 was first reported on June 5th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 sshtmp	2026-05-20 13:27:21 (2 weeks ago)	[AbuseIPDB auto-report] Attack: Unauthorized wp-admin access/probing; WordPress wp-login brute-force ... show more [AbuseIPDB auto-report] Attack: Unauthorized wp-admin access/probing; WordPress wp-login brute-force; WordPress XML-RPC brute-force Hits: 10 \| First: 2026-05-20T15:07:35+02:00 \| Last: 2026-05-20T15:27:21+02:00 Samples: POST /xmlrpc.php [200] \| GET /wp-login.php [302] \| GET /wp-admin/ [302] show less	Brute-Force Web App Attack
Anonymous	2026-05-05 04:36:12 (1 month ago)	2026-05-05T06:36:12.762755+02:00 zanati wp(www.sahpa.co.za)[237216]: Blocked authentication attempt ... show more 2026-05-05T06:36:12.762755+02:00 zanati wp(www.sahpa.co.za)[237216]: Blocked authentication attempt for LisaNcube from 104.207.55.196 ... show less	Web App Attack
🇫🇷 masterguru	2026-05-02 20:30:49 (1 month ago)	(modsec_2000110) ModSec 2000110: Malicious username admlnlx from 104.207.55.196 (DE/Germany/-): 1 in ... show more (modsec_2000110) ModSec 2000110: Malicious username admlnlx from 104.207.55.196 (DE/Germany/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 octageeks.com	2026-02-23 05:07:06 (3 months ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 12:44:10 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 21 07:44:06.486833 2026] [security2:error] [pid 8555:tid 8555] [client 104.207.55.196:18161] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|coroneta.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coroneta.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZmolirn2N3UZADGus9OxAAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-08 15:08:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 10:08:32.945890 2026] [security2:error] [pid 24165:tid 24165] [client 104.207.55.196:31249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonmedia.ai"] [uri "/.env"] [unique_id "aV_IcGgadOi9Q7Z6RUrAnwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:53 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-29 04:55:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:55:36.813924 2025] [security2:error] [pid 15789:tid 15789] [client 104.207.55.196:12321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rentkase.com"] [uri "/.git/HEAD"] [unique_id "aVIJyJnxXCxEKqpk9SuZhgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 03:55:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:55:20.543300 2025] [security2:error] [pid 18818:tid 18818] [client 104.207.55.196:25295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jessehaupert.com"] [uri "/.svn/wc.db"] [unique_id "aVH7qG8TjXXGj1maep8r0wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:13:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:13:10.953540 2025] [security2:error] [pid 9607:tid 9686] [client 104.207.55.196:45931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fostexlaw.com"] [uri "/.svn/wc.db"] [unique_id "aSaohvkDcg6wFbLmNJ0cPAAAAg4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:22:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:22:38.472012 2025] [security2:error] [pid 21999:tid 21999] [client 104.207.55.196:57547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.designsbyyvonne.net"] [uri "/.git/HEAD"] [unique_id "aSaOnr8jPeZxEXx_N9noHAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:14:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:14:37.413019 2025] [security2:error] [pid 3365545:tid 3365683] [client 104.207.55.196:52095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wasula2.stonyp.com"] [uri "/.env"] [unique_id "aSZijSa0-q0nx5VbsSCkBQAAAkc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:10:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:10:03.130566 2025] [security2:error] [pid 25731:tid 25731] [client 104.207.55.196:18221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rdkrecords.com"] [uri "/.env"] [unique_id "aSZTa-d0qNo0Z5wHsIfuGgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:55:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:55:16.470299 2025] [security2:error] [pid 25528:tid 25528] [client 104.207.55.196:27323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.weirdlovemakers.com"] [uri "/.env"] [unique_id "aSQrhPv2ES3ZGL3PNyLeiwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.9.55

🇳🇬 102.88.137.213

🇺🇸 68.183.59.84

🇳🇱 45.148.10.183

🇺🇸 216.24.210.227

🇰🇷 175.214.123.177

🇺🇸 172.202.114.25

🇻🇳 103.131.71.171

🇳🇱 88.151.33.232

🇮🇹 84.33.243.253

🇱🇹 81.30.98.142

🇬🇧 77.68.9.24

🇮🇳 49.207.243.158

🇮🇷 37.148.5.246

🇺🇸 157.230.211.23

🇻🇳 125.212.235.194

🇳🇱 81.19.216.74

🇺🇸 45.33.41.118

🇷🇴 2.57.121.25

🇲🇽 187.154.100.150