JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.13

104.207.53.13 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.13

Whois 104.207.53.13

IP Abuse Reports for 104.207.53.13:

This IP address has been reported a total of 102 times from 20 distinct sources. 104.207.53.13 was first reported on June 21st 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nyt	2026-05-24 09:14:42 (1 week ago)	WP Author Enumeration	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:36:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:36:21.971007 2026] [security2:error] [pid 28735:tid 28735] [client 104.207.53.13:29933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partytimegame.com"] [uri "/wp/.git/config"] [unique_id "aZG9xbo5Cwt8Z4-rEVKKvAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:18:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:18:18.147512 2026] [security2:error] [pid 18707:tid 18707] [client 104.207.53.13:26835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualtacon.com"] [uri "/.env.save"] [unique_id "aZG5inGn47F3KcUSrMOTuwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 12:05:27 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:47:53 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:47:47.327462 2026] [security2:error] [pid 18449:tid 18449] [client 104.207.53.13:21077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paguilar.com"] [uri "/.env.save"] [unique_id "aZGyY2lteaN85C-kNMLTswAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:58:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:58:50.704520 2026] [security2:error] [pid 28203:tid 28203] [client 104.207.53.13:28003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omnithermal.com"] [uri "/app/.git/config"] [unique_id "aZFgmjtT4dr29mq9Z-YjgAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:29:00 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:28:54.286231 2026] [security2:error] [pid 857991:tid 857991] [client 104.207.53.13:24801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sawyerwest.com"] [uri "/admin/.git/config"] [unique_id "aZFZlqSJ_R6rmKMg3zSJuQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-15 05:18:25 (3 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇪🇸 masterguru	2026-02-15 05:11:13 (3 months ago)	Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:08:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:08:35.203509 2026] [security2:error] [pid 405919:tid 405935] [client 104.207.53.13:32091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sasintegrated.com"] [uri "/site/.git/config"] [unique_id "aZFU06-tSW-IIRHmX-CSOAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2026-02-15 05:06:56 (3 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:24:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:24:25.531706 2026] [security2:error] [pid 1790:tid 1790] [client 104.207.53.13:11691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nue18.com"] [uri "/.env.local"] [unique_id "aZFKecJH4PvR0nA2YEYA7gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:07:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:07:07.797701 2026] [security2:error] [pid 22200:tid 22245] [client 104.207.53.13:52151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powercoupling.com"] [uri "/.env.production"] [unique_id "aZFGa_If6G86OktE7M9rcwAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 03:23:06 (3 months ago)	Try to access /app/.env	Web App Attack
🇨🇭 Origon	2026-02-15 03:22:05 (3 months ago)	http-sensitive-files - IP: 104.207.53.13 - time="2026-02-15T04:22:05+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.53.13 - time="2026-02-15T04:22:05+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.53.13 (GB/200373) : 4h ban on Ip 104.207.53.13" module=db show less	Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 103.189.208.13

🇺🇿 95.46.211.142

🇲🇽 189.206.189.150

🇫🇮 147.185.133.130

🇷🇴 80.94.92.171

🇺🇸 2607:f8b0:400e:c09::128

🇧🇪 198.235.24.130

🇺🇸 151.240.54.190

🇺🇸 147.185.132.212

🇷🇴 80.94.95.221

🇺🇸 45.92.229.77

🇷🇴 2.57.121.112

🇫🇷 2a02:4780:27:1145:0:825:16d3:1

🇷🇺 185.209.84.234

🇨🇳 180.167.128.202

🇮🇩 103.27.251.164

🇨🇦 45.194.92.26

🇩🇪 38.123.109.227

🇬🇧 35.203.211.226

🇰🇿 2.135.114.166