JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.253

104.207.52.253 was found in our database!

This IP was reported 155 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.253

Whois 104.207.52.253

IP Abuse Reports for 104.207.52.253:

This IP address has been reported a total of 155 times from 27 distinct sources. 104.207.52.253 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-02-15 23:06:18 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:46 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇮🇩 Burayot	2026-02-15 12:13:25 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.52.253 (GB/United Kingdom/- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.52.253 (GB/United Kingdom/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:31:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:31:00.229808 2026] [security2:error] [pid 26066:tid 26066] [client 104.207.52.253:44055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taafe.net"] [uri "/dev/.git/config"] [unique_id "aZFoJAv6-WDmZJB1JJIWgwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:25:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:25:17.995300 2026] [security2:error] [pid 13606:tid 13606] [client 104.207.52.253:49951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stringview.com"] [uri "/backup/.git/config"] [unique_id "aZFKrXhzeqmQbaLGlhJjTwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:06:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:06:50.859635 2026] [security2:error] [pid 28065:tid 28065] [client 104.207.52.253:37499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stacyfarm.com"] [uri "/.env.local"] [unique_id "aZE4SnpzfLfCr_tOwTit5wAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:15:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:15:31.552091 2026] [security2:error] [pid 16319:tid 16319] [client 104.207.52.253:42453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "speakertrainerconsultantpatdavis.com"] [uri "/config/.env"] [unique_id "aZEsQ76i9e-FOuzsj5q2XQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:20:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:20:01.130494 2026] [security2:error] [pid 21843:tid 21843] [client 104.207.52.253:55765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mumawvickers.com"] [uri "/api/.git/config"] [unique_id "aZEfQfTk8CrWRg0jVbCZ1wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:50:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:50:55.628615 2026] [security2:error] [pid 20172:tid 20172] [client 104.207.52.253:14865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrbaystreet.com"] [uri "/api/.git/config"] [unique_id "aZEYbwGRRrZNY5WfUAio-AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 00:30:10 (3 months ago)	HACK	Brute-Force
🇦🇺 2000cn.com.au	2026-02-15 00:28:04 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:12:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:12:43.468151 2026] [security2:error] [pid 12406:tid 12406] [client 104.207.52.253:45235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "losbarbarosdelnorte.com"] [uri "/app/.git/config"] [unique_id "aZEPe16uYHdn8Oq6tvuz7QAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:49:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:49:34.835835 2026] [security2:error] [pid 21131:tid 21131] [client 104.207.52.253:31159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "logicpuzzles.com"] [uri "/app/.env"] [unique_id "aZEKDsMjg_MZgyStUuuENgAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-02-14 23:36:00 (3 months ago)	.env scanning [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:43:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:42:55.806113 2026] [security2:error] [pid 10061:tid 10061] [client 104.207.52.253:44947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limoelpaso.com"] [uri "/backend/.env"] [unique_id "aZD6b65J98guXdvqgCoJ7gAAACU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 155 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 15.237.182.124

🇩🇪 195.63.31.78

🇺🇸 192.227.131.77

🇧🇷 152.32.199.20

🇮🇪 108.129.114.179

🇩🇪 91.98.70.204

🇺🇸 74.235.121.84

🇺🇸 66.132.186.127

🇺🇸 64.62.156.15

🇩🇪 52.58.48.215

🇳🇱 45.142.193.53

🇺🇸 18.221.179.104

🇺🇸 12.156.67.18

🇮🇷 5.239.153.35

🇦🇺 3.24.124.117

🇳🇱 64.225.81.189

🇸🇬 8.222.216.230

🇨🇳 1.15.52.154

🇺🇸 162.216.150.107

🇺🇸 162.216.150.40