JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.54.15

104.207.54.15 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.54.15

Whois 104.207.54.15

IP Abuse Reports for 104.207.54.15:

This IP address has been reported a total of 83 times from 18 distinct sources. 104.207.54.15 was first reported on June 4th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-14 06:04:37 (2 days ago)	Aggressive web scan	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-03-05 08:22:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:22:42.863379 2026] [security2:error] [pid 2915:tid 2930] [client 104.207.54.15:51907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/a8/67ba5cb9973ff301f3ef4265362bd028393085"] [unique_id "aak9Umbdh7c6FWT9QFVPzwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 madeit	2025-11-27 12:26:48 (6 months ago)		Web App Attack
🇨🇳 ThreatBook.io	2025-11-27 00:27:45 (6 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.54.15 20 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.54.15 2025-11-26 17:30:25 /.aws/credentials show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 12:33:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:33:38.385866 2025] [security2:error] [pid 22324:tid 22324] [client 104.207.54.15:42807] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blogs.melton.space"] [uri "/.env"] [unique_id "aSbzouT7a76Ka42SjX0_egAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:54:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:54:26.701307 2025] [security2:error] [pid 14910:tid 14910] [client 104.207.54.15:35221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.veneye.com"] [uri "/.svn/wc.db"] [unique_id "aSayMlyaHtFqC4AF8YOvBAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 07:06:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 02:06:42.779429 2025] [security2:error] [pid 2508977:tid 2508977] [client 104.207.54.15:34225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daretownkindling.resilientigm.com"] [uri "/.env"] [unique_id "aSanAhbA3EIo2GDxFpiVNAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:30:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:30:06.565073 2025] [security2:error] [pid 27365:tid 27365] [client 104.207.54.15:42067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.jambmaster.com"] [uri "/.git/HEAD"] [unique_id "aSaQXvKU-0ctcxeJhGjebAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:25:34 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:25:30.700679 2025] [security2:error] [pid 6154:tid 6154] [client 104.207.54.15:46803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.krmartindale.com"] [uri "/.git/HEAD"] [unique_id "aSZI-hE_ow3mY3gRdeuUZgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 tinect	2025-11-25 21:34:18 (6 months ago)	This IP was detected by CrowdSec triggering tinect/http-sensitive-file-probe	Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 06:41:58 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:41:54.380193 2025] [security2:error] [pid 30991:tid 31031] [client 104.207.54.15:23755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolutionaryethics.com"] [uri "/.env"] [unique_id "aSVPsuyC9VCniuHt7zA2lgAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:25:20 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:25:15.370456 2025] [security2:error] [pid 19788:tid 19788] [client 104.207.54.15:20889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.armrms.com"] [uri "/.env"] [unique_id "aSQke5zy9XsT4uSq_x3OLQAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:33:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:33:19.948563 2025] [security2:error] [pid 9200:tid 9200] [client 104.207.54.15:23585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mywhisperkids.com"] [uri "/.svn/wc.db"] [unique_id "aSQKP9Rvk-YsXjBjxN7ugQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:17:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.54.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:17:24.721367 2025] [security2:error] [pid 24685:tid 24685] [client 104.207.54.15:50039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.vrmapping.net"] [uri "/.svn/wc.db"] [unique_id "aSQGhL9-9Ln9VMHNWz-s2AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a01:4f8:150:13a5::100:2

🇬🇷 194.63.239.143

🇧🇷 190.115.84.25

🇺🇸 165.154.173.242

🇭🇰 89.213.230.34

🇵🇰 59.103.220.56

🇩🇪 45.142.247.238

🇭🇰 43.155.40.91

🇻🇪 38.183.114.47

🇺🇸 20.64.105.76

🇩🇪 3.70.5.234

🇹🇼 220.132.103.167

🇩🇪 194.88.98.122

🇭🇰 190.92.239.22

🇺🇸 172.203.224.88

🇺🇸 154.39.79.49

🇨🇳 124.117.195.113

🇮🇩 70.153.147.107

🇨🇳 58.251.168.62

🇧🇪 35.205.212.180