JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.157

104.207.53.157 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.157

Whois 104.207.53.157

IP Abuse Reports for 104.207.53.157:

This IP address has been reported a total of 154 times from 27 distinct sources. 104.207.53.157 was first reported on June 7th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 jjnxpct	2026-02-16 04:54:58 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /app/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /app/.env] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:46:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:46:00.402074 2026] [security2:error] [pid 4887:tid 4887] [client 104.207.53.157:27803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "talamancareserve.com"] [uri "/.env.staging"] [unique_id "aZFrqEJUdRDIpZiVmNFvigAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:35.498443 2026] [security2:error] [pid 314087:tid 314098] [client 104.207.53.157:38109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stonyp.com"] [uri "/dev/.git/config"] [unique_id "aZFGS-YxiADdM-D-ZqVJfwAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-15 03:36:38 (3 months ago)	http-sensitive-files - IP: 104.207.53.157 - time="2026-02-15T04:36:38+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.53.157 - time="2026-02-15T04:36:38+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.53.157 (GB/200373) : 4h ban on Ip 104.207.53.157" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:54:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:54:31.622859 2026] [security2:error] [pid 17298:tid 17298] [client 104.207.53.157:34029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sra-ep.org"] [uri "/admin/.env"] [unique_id "aZE1Z7qytAX-UgwMJhPkhgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mr-Money	2026-02-15 02:44:06 (3 months ago)	scenario: crowdsecurity/http-sensitive-files - events: 5	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:37:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:37:04.743090 2026] [security2:error] [pid 303:tid 339] [client 104.207.53.157:40595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n5brg.com"] [uri "/.env"] [unique_id "aZExUOTjh-Dl8pGktnWurAAAANM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:51:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:51:18.071115 2026] [security2:error] [pid 32401:tid 32401] [client 104.207.53.157:53909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mycherishedteddies.com"] [uri "/dev/.git/config"] [unique_id "aZEmllqZfk0BAvsv8pVZ_QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:54:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:54:22.176745 2026] [security2:error] [pid 6781:tid 6781] [client 104.207.53.157:19557] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrpinman.com"] [uri "/admin/.git/config"] [unique_id "aZEZPiRtv361p51hxKlKjgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:36:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:36:47.099845 2026] [security2:error] [pid 3953:tid 3953] [client 104.207.53.157:43225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lspfest.com"] [uri "/.git/config"] [unique_id "aZEVH5I6K7liUHJ5U0qGFQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 23:06:11 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:06:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:05:57.906395 2026] [security2:error] [pid 3624:tid 3624] [client 104.207.53.157:56525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "literarylights.com"] [uri "/wp/.git/config"] [unique_id "aZD_1bNVlwXjrJZSBFMtlgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:37:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:37:49.751401 2026] [security2:error] [pid 1286:tid 1286] [client 104.207.53.157:27971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "montebiancoltd.com"] [uri "/app/.git/config"] [unique_id "aZD5PUMB2laVRTMH1nrddwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:15:09 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:15:01.853509 2026] [security2:error] [pid 32561:tid 32561] [client 104.207.53.157:31859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mohsep-eg.com"] [uri "/backup/.git/config"] [unique_id "aZDz5aMCmKBZ_-yy-9AcqgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 21:58:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:58:38.431690 2026] [security2:error] [pid 9671:tid 9671] [client 104.207.53.157:40167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leveeboard.org"] [uri "/.env"] [unique_id "aZDwDmv8Q3PJe6yjeYS3nwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.172.124

🇱🇺 64.89.160.167

🇧🇷 205.210.31.234

🇺🇸 173.255.225.139

🇺🇸 147.185.132.180

🇩🇪 130.12.181.106

🇰🇷 119.194.43.53

🇺🇿 95.46.211.142

🇺🇸 66.132.195.95

🇰🇷 61.252.209.186

🇺🇸 50.84.211.204

🇳🇱 45.148.10.152

🇲🇽 38.22.170.10

🇬🇧 35.203.211.61

🇩🇪 213.95.191.47

🇧🇷 205.210.31.248

🇨🇳 175.11.242.68

🇫🇮 147.185.133.168

🇺🇸 107.173.100.35

🇨🇳 106.75.185.227