JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.103

104.207.53.103 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.103

Whois 104.207.53.103

IP Abuse Reports for 104.207.53.103:

This IP address has been reported a total of 133 times from 14 distinct sources. 104.207.53.103 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
Anonymous	2026-02-11 09:01:00 (3 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:52:49 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:52:37.057345 2025] [security2:error] [pid 16909:tid 16909] [client 104.207.53.103:51721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marshall-islands-boat-registration.com"] [uri "/.env"] [unique_id "aTfxZch6-5qlp53D9cPvEQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 18:22:18 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 13:22:14.128816 2025] [security2:error] [pid 5367:tid 5367] [client 104.207.53.103:12147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bankcardtexas.com"] [uri "/.svn/wc.db"] [unique_id "aTXF1oQTADrdhlOCGZrC9wAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 16:19:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 11:19:09.792173 2025] [security2:error] [pid 2466:tid 2466] [client 104.207.53.103:16477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "method-one.net"] [uri "/.svn/wc.db"] [unique_id "aTRXfaIJl4PH3cijpr3iSQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 12:27:07 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:27:00.822550 2025] [security2:error] [pid 29115:tid 29115] [client 104.207.53.103:41927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gerrytolentino.net"] [uri "/.git/HEAD"] [unique_id "aTQhFNxM3CZ6Ea2kjTigZQAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:17:22 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:17:16.964686 2025] [security2:error] [pid 32209:tid 32209] [client 104.207.53.103:35797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spaceritual.net"] [uri "/.svn/wc.db"] [unique_id "aTQQvDP0sc7vqKwkNs-6yQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 10:53:12 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 05:53:07.427667 2025] [security2:error] [pid 8721:tid 8721] [client 104.207.53.103:46421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrewweigel.name"] [uri "/.env"] [unique_id "aTQLE7e60WHlPym1PPCFegAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:45:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:45:21.496215 2025] [security2:error] [pid 1093:tid 1093] [client 104.207.53.103:29103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laradioactivitat.com"] [uri "/.svn/wc.db"] [unique_id "aTJxceS4KRz3Rbu2iieErgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 23:36:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 18:36:44.242110 2025] [security2:error] [pid 30251:tid 30251] [client 104.207.53.103:59849] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artsafloat.com"] [uri "/.svn/wc.db"] [unique_id "aTIbDHvFdZ6ZNvVXVULNVgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 02:02:34 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇹 Rosh	2025-10-17 08:04:15 (7 months ago)	[10/17/25 10:04:15] SSH: authentication failure	Brute-Force SSH
🇦🇺 oncord	2025-10-15 19:26:10 (7 months ago)	Form spam	Web Spam
🇺🇸 oncord	2025-10-13 23:07:10 (7 months ago)	Form spam	Web Spam
Anonymous	2025-10-11 06:27:26 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.89

🇯🇵 207.56.225.202

🇹🇼 198.235.24.83

🇹🇼 198.235.24.80

🇬🇧 193.163.125.25

🇰🇷 183.104.220.84

🇺🇸 154.197.57.136

🇺🇸 151.240.93.164

🇺🇸 147.185.132.50

🇰🇷 114.199.37.129

🇨🇦 85.217.149.58

🇨🇳 81.69.97.55

🇺🇸 64.62.197.85

🇮🇩 36.73.185.29

🇬🇧 198.244.183.103

🇹🇼 198.235.24.77

🇬🇧 195.140.214.27

🇪🇨 186.4.240.226

🇺🇸 173.255.236.247

🇹🇼 165.154.227.8