JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.15

104.207.53.15 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 22%: ?

22%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.15

Whois 104.207.53.15

IP Abuse Reports for 104.207.53.15:

This IP address has been reported a total of 81 times from 20 distinct sources. 104.207.53.15 was first reported on June 5th 2024, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-27 18:54:02 (20 hours ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 104.207.53.15 - - [27/Jun/2026:19:53:58 +0100] P ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 104.207.53.15 - - [27/Jun/2026:19:53:58 +0100] POST /wp-login.php HTTP/1.1 200 7364 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15 show less	Web App Attack
🇫🇷 Hippoline	2026-06-26 15:21:03 (1 day ago)	Jun 26 17:21:01 local wp(XXXX-A)[10311]: Authentication attempt for unknown user admin from ::ffff:1 ... show more Jun 26 17:21:01 local wp(XXXX-A)[10311]: Authentication attempt for unknown user admin from ::ffff:104.207.53.15 ... show less	Brute-Force Web App Attack
🇫🇷 Sklurk	2026-06-23 04:06:47 (5 days ago)	Web App Attack	Web App Attack
🇧🇪 voormedia	2026-03-05 16:08:54 (3 months ago)	Accessed trap at '/.aws/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-05 08:34:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:34:50.581241 2026] [security2:error] [pid 2915:tid 2924] [client 104.207.53.15:49363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/7e/62220bd61e831191af61ee31a09e0cfd7ff785"] [unique_id "aalAKmbdh7c6FWT9QFVS0gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-26 14:36:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 09:36:30.059423 2026] [security2:error] [pid 24421:tid 24421] [client 104.207.53.15:43961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.172"] [uri "/.git/config"] [unique_id "aaBabpf-WtUBvPQ_I19Q4wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:12 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-11-25 05:54:56 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:54:52.484534 2025] [security2:error] [pid 4846:tid 4846] [client 104.207.53.15:33681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.yankeetownfishing.com"] [uri "/.env"] [unique_id "aSVErDy3D4c18x29XsTgGQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:39:48 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:39:43.110031 2025] [security2:error] [pid 5687:tid 5687] [client 104.207.53.15:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.coiledtubingdrilling.com"] [uri "/.svn/wc.db"] [unique_id "aSUzD4WREeRdAiaVJg7tgAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:01:26 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:01:19.113461 2025] [security2:error] [pid 12957:tid 12957] [client 104.207.53.15:37769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.lifestrong.com"] [uri "/.env"] [unique_id "aSUqDzdz_JH_6GNs43fUFwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:06:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:05:43.314089 2025] [security2:error] [pid 27724:tid 27724] [client 104.207.53.15:23019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bodiehistory.com"] [uri "/.git/HEAD"] [unique_id "aSUA5wZNsfAobWNWG7pE1wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:04:01 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:03:57.468112 2025] [security2:error] [pid 28039:tid 28039] [client 104.207.53.15:38273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.perron.org"] [uri "/.git/HEAD"] [unique_id "aSTybeQr-K3JM7BXuZj3qQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 11:10:01 (7 months ago)	suspicious request in access.log	Web App Attack
🇱🇻 garmtech.com	2025-11-24 09:26:19 (7 months ago)	Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/.svn/wc.db) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:31:21 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:31:17.808310 2025] [security2:error] [pid 5102:tid 5123] [client 104.207.53.15:28059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.southtampaprinting.com"] [uri "/.env"] [unique_id "aSP7tSR4b9K7bCaDrEcq_QAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 81 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2405:201:a443:306a:6cad:35b7:eeb5:5782

🇲🇰 188.44.20.31

🇨🇳 121.229.107.184

🇱🇹 45.227.254.170

🇩🇪 45.80.166.55

🇺🇸 34.231.156.59

🇧🇪 198.235.24.166

🇬🇧 193.163.125.196

🇳🇱 185.189.182.234

🇺🇸 184.105.139.106

🇮🇩 182.253.156.173

🇳🇱 176.65.149.220

🇩🇪 162.19.243.145

🇺🇸 142.93.255.85

🇨🇳 120.198.61.146

🇳🇱 85.121.54.44

🇸🇬 23.111.14.189

🇺🇸 172.182.195.38

🇹🇭 165.154.119.20

🇺🇸 162.216.149.146