JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.15

104.207.57.15 was found in our database!

This IP was reported 93 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.15

Whois 104.207.57.15

IP Abuse Reports for 104.207.57.15:

This IP address has been reported a total of 93 times from 20 distinct sources. 104.207.57.15 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-02-24 10:11:47 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.57.15 (DE/Germany/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.57.15 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 14:11:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 09:11:46.021716 2026] [security2:error] [pid 18284:tid 18284] [client 104.207.57.15:50189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reiki.proyectando.com"] [uri "/.git/config"] [unique_id "aZxgInjTiHGbgjizQ2CingAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:19 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-12-21 22:31:17 (5 months ago)	Attempted brute force login to web vpn 324 time(s); last attempt for 2025.12.21 is noted in report t ... show more Attempted brute force login to web vpn 324 time(s); last attempt for 2025.12.21 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-19 22:11:39 (5 months ago)	Attempted brute force login to web vpn 164 time(s); last attempt for 2025.12.19 is noted in report t ... show more Attempted brute force login to web vpn 164 time(s); last attempt for 2025.12.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-12-01 22:50:23 (6 months ago)	Attempted brute force login to web vpn 936 time(s); last attempt for 2025.12.01 is noted in report t ... show more Attempted brute force login to web vpn 936 time(s); last attempt for 2025.12.01 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-30 23:08:44 (6 months ago)	Attempted brute force login to web vpn 885 time(s); last attempt for 2025.11.30 is noted in report t ... show more Attempted brute force login to web vpn 885 time(s); last attempt for 2025.11.30 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-28 22:52:53 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 17:52:46.176366 2025] [security2:error] [pid 23154:tid 23154] [client 104.207.57.15:59631] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|abcollie.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "abcollie.com"] [uri "/database.sql"] [unique_id "aSonvrbhuhgS4n6b2Q2EigAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-28 06:52:19 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 01:52:13.192034 2025] [security2:error] [pid 21898:tid 21898] [client 104.207.57.15:38887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alternatievemedia.com"] [uri "/wp-config.txt"] [unique_id "aSlGnQVUpmuHIOduMKjePwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 23:36:54 (6 months ago)	Attempted brute force login to web vpn 1136 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 1136 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 08:11:33 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:10:40.449332 2025] [security2:error] [pid 15972:tid 15972] [client 104.207.57.15:46795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ispeakmusic.com"] [uri "/.env"] [unique_id "aSQTAGTFp4a4CVhc-m6TdQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:00:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:00:48.724683 2025] [security2:error] [pid 2501:tid 2501] [client 104.207.57.15:42755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gdpeters.com"] [uri "/.env"] [unique_id "aSP0kIijF7w_5c37-wjs0QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 05:38:57 (6 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:32:40 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:23.835354 2025] [security2:error] [pid 19050:tid 19050] [client 104.207.57.15:17121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jacksonsparts.com"] [uri "/.svn/wc.db"] [unique_id "aSPf1_LYW2hM8XoVxxKi8QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-18 23:24:10 (6 months ago)	Attempted brute force login to web vpn 252 time(s); last attempt for 2025.11.18 is noted in report t ... show more Attempted brute force login to web vpn 252 time(s); last attempt for 2025.11.18 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 93 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.148.244

🇨🇦 85.217.149.14

🇳🇱 160.119.76.30

🇮🇩 157.85.207.2

🇮🇳 122.185.187.2

🇯🇵 101.36.105.94

🇩🇪 93.191.164.53

🇻🇳 45.118.136.211

🇮🇳 35.200.163.78

🇧🇷 191.5.31.61

🇨🇳 182.43.235.75

🇮🇹 172.253.228.154

🇧🇷 152.32.200.213

🇨🇳 113.221.73.196

🇺🇸 71.6.232.30

🇸🇬 47.84.101.9

🇸🇬 38.54.16.186

🇨🇳 36.138.190.235

🇧🇷 35.199.97.104

🇺🇸 2607:f8b0:4001:c5c::126