JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.17

104.207.53.17 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.17

Whois 104.207.53.17

IP Abuse Reports for 104.207.53.17:

This IP address has been reported a total of 89 times from 18 distinct sources. 104.207.53.17 was first reported on June 3rd 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 mnsf	2026-02-16 03:05:24 (3 months ago)	Too many Status 40X (12) Scanning/Probing (16)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-15 12:21:51 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 07:03:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:03:42.841392 2026] [security2:error] [pid 6223:tid 6239] [client 104.207.53.17:60257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psychclinicforchange.com"] [uri "/config/.env"] [unique_id "aZFvzvZ1Qi5ljpkNddWIVAAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:43:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:43:22.828129 2026] [security2:error] [pid 22106:tid 22175] [client 104.207.53.17:32723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oldpl8s.com"] [uri "/.git/config"] [unique_id "aZFc-shSZQInS4HdHIcM-gAAAYg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:02:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:02:06.197856 2026] [security2:error] [pid 885586:tid 885586] [client 104.207.53.17:16201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sargentandco.com"] [uri "/api/.env"] [unique_id "aZFTTg1p6lbYBjMa-rXWhgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 04:27:17 (3 months ago)	Try to access /admin/.env	Web App Attack
🇨🇭 Origon	2026-02-15 04:07:27 (3 months ago)	http-sensitive-files - IP: 104.207.53.17 - time="2026-02-15T05:07:27+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.53.17 - time="2026-02-15T05:07:27+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.53.17 (GB/200373) : 4h ban on Ip 104.207.53.17" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:35:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:35:13.297004 2026] [security2:error] [pid 7417:tid 7417] [client 104.207.53.17:11055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sagoscapes.com"] [uri "/.env.production"] [unique_id "aZE-8RIQCfAbToSVEcKo_QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 02:05:53 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇬🇧 consul.to	2026-02-15 01:13:10 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:06:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:06:11.203248 2026] [security2:error] [pid 184123:tid 184259] [client 104.207.53.17:27945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rodela.com"] [uri "/.env"] [unique_id "aZEcA4Mh4IJV0omYQjNgQAAAAlU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:49:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:49:09.696418 2026] [security2:error] [pid 31373:tid 31373] [client 104.207.53.17:18343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naomipyle.com"] [uri "/backup/.git/config"] [unique_id "aZEYBf7Wrs_9v-CMHFWouwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 18:37:35 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:37:27.716024 2025] [security2:error] [pid 1253:tid 1253] [client 104.207.53.17:25773] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limocorpuschristi.com"] [uri "/.git/HEAD"] [unique_id "aVAnZ-2CZlNqTkKusVgKjQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-26 13:19:11 (5 months ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.228

🇭🇰 199.45.154.184

🇮🇳 168.144.72.92

🇨🇳 117.140.193.67

🇫🇷 83.171.226.124

🇳🇱 45.148.10.147

🇩🇪 45.77.53.18

🇮🇳 43.228.112.254

🇮🇩 43.133.148.170

🇧🇪 34.79.3.251

🇧🇷 201.11.96.93

🇧🇪 198.235.24.233

🇨🇦 184.70.159.86

🇺🇸 162.216.150.171

🇨🇳 120.48.4.164

🇩🇪 62.54.176.203

🇲🇾 47.254.192.137

🇳🇱 45.148.10.157

🇬🇧 2a06:4880:c000::f4

🇺🇸 2602:fb54:1a00::94