JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.21

104.207.55.21 was found in our database!

This IP was reported 109 times. Confidence of Abuse is 37%: ?

37%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.21

Whois 104.207.55.21

IP Abuse Reports for 104.207.55.21:

This IP address has been reported a total of 109 times from 29 distinct sources. 104.207.55.21 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-03 11:51:29 (1 week ago)	(y4) Failed scan -byebye- from 104.207.55.21 (DE/Germany/-): (CF_ENABLE)	Hacking
🇺🇸 TPI-Abuse	2026-06-02 19:00:32 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:00:27.607528 2026] [security2:error] [pid 24098:tid 24098] [client 104.207.55.21:53879] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|humbliaslaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "humbliaslaw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah8oS2HGiBVEEgep_HF0PQAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 pm33	2026-05-30 13:46:51 (1 week ago)	Wordpress login attempts	Brute-Force
🇲🇽 octageeks.com	2026-05-27 04:17:22 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
Anonymous	2026-05-26 06:50:01 (2 weeks ago)	[osotir.org] httpd-login-spray-site: sites=osotir.org; logs=/var/log/httpd/domains/osotir.org.log; s ... show more [osotir.org] httpd-login-spray-site: sites=osotir.org; logs=/var/log/httpd/domains/osotir.org.log; samples=site_wide=true \| distinct_ips=29 \| /wp-login.php show less	Hacking Web App Attack
Anonymous	2026-05-20 03:22:16 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇩 Burayot	2026-05-14 00:17:33 (3 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.55.21 (DE/Germany/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.55.21 (DE/Germany/-): 2 in the last 3600 secs show less	Web App Attack
🇪🇸 librebit	2026-03-13 05:22:51 (2 months ago)	Brute force	Brute-Force
🇺🇸 Penny Packer	2026-03-01 20:27:45 (3 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇫🇷 tilellit.pro	2026-02-22 10:53:34 (3 months ago)	Fail2Ban banned 104.207.55.21 for security violations in jail wp-armour. Log: 2026/02/22 10:53:33 [e ... show more Fail2Ban banned 104.207.55.21 for security violations in jail wp-armour. Log: 2026/02/22 10:53:33 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.207.55.21 \| Target: wplogin" , client: 104.207.55.21, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-02-13 12:55:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:55:50.281604 2026] [security2:error] [pid 22335:tid 22335] [client 104.207.55.21:41951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midwayisland.com"] [uri "/new/.git/config"] [unique_id "aY8fVtpaa3cKybDQ7Po-3QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:06:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:06:17.194591 2026] [security2:error] [pid 9235:tid 9235] [client 104.207.55.21:30691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medioskreativos.com"] [uri "/.env.local"] [unique_id "aY7NaTyGtx7qbhgv3ECvvAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:49:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:49:03.251232 2026] [security2:error] [pid 2018598:tid 2018617] [client 104.207.55.21:34907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "media928.com"] [uri "/admin/.env"] [unique_id "aY7JX5PM_OTIcJmkUbOVdQAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:29:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:29:09.589413 2026] [security2:error] [pid 247281:tid 247281] [client 104.207.55.21:28827] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maunakeavista.com"] [uri "/app/.git/config"] [unique_id "aY62pQGgAOw_KL1xMgIPLQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:36:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:36:43.229370 2026] [security2:error] [pid 2398752:tid 2398752] [client 104.207.55.21:16075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maryrosevaro.com"] [uri "/wp/.git/config"] [unique_id "aY6qW4d1h2p5l5hVA5p5jgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 109 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4004:c19::128

🇻🇳 118.70.182.193

🇺🇸 107.150.99.9

🇨🇦 85.217.149.71

🇯🇵 8.216.9.107

🇺🇸 4.157.250.195

🇧🇷 2804:2984:9579:3a00:91d9:1c3f:be66:7a67

🇰🇭 202.79.29.108

🇩🇪 194.187.176.63

🇩🇪 193.228.139.227

🇳🇱 188.166.68.252

🇫🇷 141.145.202.4

🇨🇳 123.149.50.16

🇩🇪 87.120.166.130

🇨🇳 60.27.226.39

🇦🇺 40.127.67.83

🇸🇬 13.250.241.209

🇺🇸 172.71.194.195

🇨🇳 118.145.213.116

🇳🇱 91.92.42.133