JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.151

104.207.53.151 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.151

Whois 104.207.53.151

IP Abuse Reports for 104.207.53.151:

This IP address has been reported a total of 124 times from 9 distinct sources. 104.207.53.151 was first reported on June 6th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 martenmark	2026-06-06 10:29:24 (1 day ago)	104.207.53.151 - - [06/Jun/2026:10:29:23 +0000] "GET http://www.beapp.co/.svn/wc.db HTTP/1.1" 301 67 ... show more 104.207.53.151 - - [06/Jun/2026:10:29:23 +0000] "GET http://www.beapp.co/.svn/wc.db HTTP/1.1" 301 671 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇮 inlink.ltd	2026-05-25 10:59:26 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack
Anonymous	2026-05-19 22:07:21 (2 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-05-13 12:23:06 (3 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-01-05 20:21:13 (5 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-11 00:31:36 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 19:31:28.671319 2025] [security2:error] [pid 6361:tid 6361] [client 104.207.53.151:41339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smartbittelsalvador.com"] [uri "/.env"] [unique_id "aToQ4EBbhP98UZLLrsfM7gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 23:19:02 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:18:55.017109 2025] [security2:error] [pid 4036:tid 4036] [client 104.207.53.151:16657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corepest.com"] [uri "/.svn/wc.db"] [unique_id "aTYLX06iQ0ao9M66actwMwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:19:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:19:09.830808 2025] [security2:error] [pid 16604:tid 16604] [client 104.207.53.151:42195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "templebarns.org"] [uri "/.env"] [unique_id "aTWa7YSRciMIUM7C_KHP0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-06 11:13:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:12:55.321599 2025] [security2:error] [pid 5381:tid 5381] [client 104.207.53.151:42963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hookedupfishing.net"] [uri "/.env"] [unique_id "aTQPt71ciq3FlxTYt7kOYgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ingroscart.it	2025-12-06 06:03:10 (6 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.53.151 (GB/United Kingdom/-)	SQL Injection
🇺🇸 TPI-Abuse	2025-12-05 15:49:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 10:49:23.322546 2025] [security2:error] [pid 26725:tid 26725] [client 104.207.53.151:23277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neilvboyer.com"] [uri "/.svn/wc.db"] [unique_id "aTL_A5g4_lNjZpvx9ELr1QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2025-12-05 08:09:38 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:35:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:35:31.915923 2025] [security2:error] [pid 26182:tid 26182] [client 104.207.53.151:29651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mhebert.com"] [uri "/.env"] [unique_id "aTJTA1C3U7VOptXQQKW_-wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:53:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:52:57.548106 2025] [security2:error] [pid 7331:tid 7331] [client 104.207.53.151:32091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.versallis.com"] [uri "/.env"] [unique_id "aSZriZl9ww8f2O1IEoO-GgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:40:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:40:32.434263 2025] [security2:error] [pid 3973:tid 3973] [client 104.207.53.151:33309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.joshuarawlings.com"] [uri "/.env"] [unique_id "aSZakAyHdjLDN4rV8KOqYwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 198.199.82.64

🇺🇸 192.241.141.178

🇺🇸 159.89.228.57

🇷🇸 141.98.83.111

🇮🇷 37.255.232.200

🇨🇳 14.116.187.43

🇮🇹 2.44.141.132

🇧🇷 190.89.137.38

🇩🇪 176.65.132.24

🇧🇩 103.183.62.2

🇲🇽 200.68.173.119

🇺🇸 137.184.220.131

🇰🇷 121.178.185.141

🇺🇸 107.174.91.27

🇳🇱 45.148.10.231

🇮🇩 202.145.0.61

🇺🇸 192.3.218.12

🇨🇳 114.80.32.225

🇮🇪 108.129.117.38

🇺🇸 72.10.32.138