JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.47.54

104.207.47.54 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.47.54

Whois 104.207.47.54

IP Abuse Reports for 104.207.47.54:

This IP address has been reported a total of 135 times from 14 distinct sources. 104.207.47.54 was first reported on June 8th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-15 08:47:29 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 03:47:26.209445 2026] [security2:error] [pid 25448:tid 25448] [client 104.207.47.54:11585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssion.com"] [uri "/.env"] [unique_id "aWipnh8coJOqDNTsOlfl_wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 conseilgouz	2026-01-12 11:55:18 (4 months ago)	doe-17 : Block hidden directories=>/.env(/)	Hacking
🇦🇺 MAGIC	2025-12-24 05:05:42 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-26 06:41:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:41:16.885810 2025] [security2:error] [pid 12315:tid 12315] [client 104.207.47.54:26859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "checkmyhomevalueca.kunzteam.com"] [uri "/.git/HEAD"] [unique_id "aSahDPeaWBw1mKUMaK-IlwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:26:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:26:22.171348 2025] [security2:error] [pid 634:tid 634] [client 104.207.47.54:34387] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kinatalton.taltonfamily.com"] [uri "/.svn/wc.db"] [unique_id "aSaPftEej2J6wIMUvNsxvwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:55:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:54:59.860342 2025] [security2:error] [pid 11097:tid 11097] [client 104.207.47.54:51781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aircomfort.sophcomp.com"] [uri "/.svn/wc.db"] [unique_id "aSUok0VAzaOQFMC1LRqQ7wAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:35:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:35:25.967614 2025] [security2:error] [pid 1647140:tid 1647197] [client 104.207.47.54:33959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.gapm.eu"] [uri "/.git/HEAD"] [unique_id "aSUj_cWdNO_bFaD03ZY_vwAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:24:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:24:39.115453 2025] [security2:error] [pid 4610:tid 4610] [client 104.207.47.54:32767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.modalguitarist.com"] [uri "/.git/HEAD"] [unique_id "aSUTZ7YQRfkkhC9JoJCbWAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:25:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:25:20.322567 2025] [security2:error] [pid 28007:tid 28007] [client 104.207.47.54:25781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lmv.us"] [uri "/.svn/wc.db"] [unique_id "aST3cFlT9zsKWKUjZvPbrwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:38:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:38:08.149046 2025] [security2:error] [pid 560:tid 560] [client 104.207.47.54:47637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.title26.com"] [uri "/.svn/wc.db"] [unique_id "aSQZcEf1sInzUbNzXyCviwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:21:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.47.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:21:06.714569 2025] [security2:error] [pid 17436:tid 17436] [client 104.207.47.54:39817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.lodge84.org"] [uri "/.env"] [unique_id "aSPrQh4PaDeidNWVljrH1AAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-14 01:24:22 (6 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-10-18 05:02:16 (7 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2025-10-17 16:05:46 (7 months ago)	GlobalProtect login attempts with user rivega.	VPN IP Brute-Force
Anonymous	2025-10-15 14:52:20 (7 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 153.117.40.249

🇨🇳 113.59.32.132

🇳🇱 176.65.148.243

🇩🇪 157.230.21.37

🇰🇷 61.80.161.172

🇺🇸 43.162.112.238

🇮🇩 43.133.148.170

🇻🇳 14.191.26.130

🇧🇪 198.235.24.180

🇰🇪 197.237.250.19

🇺🇸 192.178.66.81

🇺🇸 185.238.28.4

🇧🇪 104.155.8.85

🇱🇹 81.30.98.158

🇧🇬 79.124.49.226

🇩🇪 63.177.76.165

🇧🇷 43.164.192.151

🇬🇧 35.203.210.165

🇺🇸 20.171.25.181

🇺🇸 18.219.89.245