JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.4

104.207.55.4 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.4

Whois 104.207.55.4

IP Abuse Reports for 104.207.55.4:

This IP address has been reported a total of 95 times from 20 distinct sources. 104.207.55.4 was first reported on June 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-15 06:44:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:44:03.335642 2026] [security2:error] [pid 16473:tid 16473] [client 104.207.55.4:42097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opticasprisma.com"] [uri "/app/.git/config"] [unique_id "aZFrM8vHGN5IgTEmPPVN2AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:19:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:19:51.983771 2026] [security2:error] [pid 11303:tid 11303] [client 104.207.55.4:56831] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scifitimeline.com"] [uri "/api/.env"] [unique_id "aZFlh1xGpEhs_tzpxciODwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-15 06:02:02 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.55.4 (DE/Germany/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.55.4 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:28:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:28:21.156852 2026] [security2:error] [pid 28842:tid 28842] [client 104.207.55.4:51963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sawmat.com"] [uri "/.git/config"] [unique_id "aZFZdQHIe2fcpkv_Ab6BUAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:26:47 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:26:43.088608 2026] [security2:error] [pid 29630:tid 29630] [client 104.207.55.4:44059] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandboxspeech.org"] [uri "/api/.env"] [unique_id "aZFLA9hruzTQF1yxyiu3cQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 04:09:56 (3 months ago)	(modsecurity) srv102 ModSecurity 104.207.55.4 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Dir ... show more (modsecurity) srv102 ModSecurity 104.207.55.4 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:29.442212 2026] [security2:error] [pid 22200:tid 22259] [client 104.207.55.4:59711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "power51.com"] [uri "/backend/.env"] [unique_id "aZFGRfIf6G86OktE7M9rFgAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:34:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:34:16.108118 2026] [security2:error] [pid 15052:tid 15052] [client 104.207.55.4:25879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nomanszone.org"] [uri "/v2/.git/config"] [unique_id "aZE-uPl6nCpyz_GesezpawAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:37 (3 months ago)	Too many Status 40X (12) Scanning/Probing (13)	Brute-Force Web App Attack
🇨🇭 Origon	2026-02-15 02:46:42 (3 months ago)	http-sensitive-files - IP: 104.207.55.4 - time="2026-02-15T03:46:42+01:00" level=info msg="(555f66b ... show more http-sensitive-files - IP: 104.207.55.4 - time="2026-02-15T03:46:42+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.55.4 (DE/200373) : 4h ban on Ip 104.207.55.4" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:51:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:51:44.518249 2026] [security2:error] [pid 19196:tid 19196] [client 104.207.55.4:14959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pist.org.tr"] [uri "/frontend/.env"] [unique_id "aZEmsLoh9oBIAnXkwpfFxAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:29:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:29:23.834092 2026] [security2:error] [pid 24616:tid 24616] [client 104.207.55.4:60981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nealandmichaeleschon.com"] [uri "/wp/.git/config"] [unique_id "aZEhc-J4IsFcKgeQ_M7iNgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 00:53:17 (3 months ago)	104.207.55.4 - - [15/Feb/2026:01:53:17 +0100] "GET /new/.git/config HTTP/1.1" 301 169 "-" "Mozilla/5 ... show more 104.207.55.4 - - [15/Feb/2026:01:53:17 +0100] "GET /new/.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Web App Attack
Anonymous	2025-12-21 20:03:47 (5 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 21:40:07 (5 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.12.19 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 130.255.89.39

🇻🇳 116.110.3.83

🇸🇬 20.6.35.235

🇧🇷 205.210.31.220

🇺🇸 162.216.150.145

🇫🇮 147.185.133.114

🇺🇸 147.185.132.56

🇨🇳 124.227.31.100

🇮🇩 118.99.102.207

🇻🇳 116.110.0.137

🇧🇩 103.86.198.162

🇨🇿 92.62.236.60

🇬🇧 81.19.219.229

🇧🇪 35.233.96.69

🇬🇧 5.226.140.93

🇹🇼 198.235.24.71

🇮🇩 182.253.73.226

🇺🇸 162.216.149.131

🇧🇷 152.67.46.203

🇫🇮 147.185.133.113