JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.234

104.207.53.234 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.234

Whois 104.207.53.234

IP Abuse Reports for 104.207.53.234:

This IP address has been reported a total of 142 times from 15 distinct sources. 104.207.53.234 was first reported on June 19th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-23 01:24:24 (2 weeks ago)	Honeypot detection: Privilege escalation / elevation attempt on port 8080. Severity: CRITICAL. Aaran ... show more Honeypot detection: Privilege escalation / elevation attempt on port 8080. Severity: CRITICAL. Aaran.cloud show less	Hacking
🇬🇧 PeravixGroup	2026-05-22 11:37:36 (2 weeks ago)	Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: ME ... show more Honeypot detection: Elasticsearch unauthorized access / data leak attempt on port 9200. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-15 12:42:12 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:42:05.232305 2026] [security2:error] [pid 30036:tid 30126] [client 104.207.53.234:16711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tnccivic.org"] [uri "/backend/.env"] [unique_id "aZG_HQI7StZD4nLPY_NJpgAAAIA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-02-15 12:17:59 (3 months ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:22:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:22:14.840215 2026] [security2:error] [pid 15317:tid 15317] [client 104.207.53.234:51359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/.env.production"] [unique_id "aZGsZrsqEq8uNn5QfVVPTwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:03:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:03:16.941905 2026] [security2:error] [pid 26514:tid 26514] [client 104.207.53.234:18835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "syconline.com"] [uri "/frontend/.env"] [unique_id "aZFhpDy-SLUWPLAh6G8MEAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-15 04:48:33 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /dev/.git/config (Rule ID: 930130) - Restricted File Access Attempt show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:19:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:19:24.367892 2026] [security2:error] [pid 18603:tid 18603] [client 104.207.53.234:10603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "strawberryhillchristmas.com"] [uri "/.env.local"] [unique_id "aZFJTKIIOptMI0TPL-j79QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:42:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:42:04.063948 2026] [security2:error] [pid 20690:tid 20690] [client 104.207.53.234:42805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stenbot.com"] [uri "/wp/.git/config"] [unique_id "aZFAjDy_8CAPRhvzaqUtfAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:15:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:15:38.079391 2026] [security2:error] [pid 25698:tid 25698] [client 104.207.53.234:56255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stansco.com"] [uri "/site/.git/config"] [unique_id "aZE6WvmsSQJViqAayI7AUQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:26:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:26:36.463624 2026] [security2:error] [pid 217226:tid 217226] [client 104.207.53.234:56477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mysticbitchsalon.com"] [uri "/backup/.git/config"] [unique_id "aZEu3CYcQtYKVfxgMO4ccgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:33:41 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:33:38.584991 2026] [security2:error] [pid 15446:tid 15446] [client 104.207.53.234:12851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "machinetoolsjwk.com"] [uri "/.env.staging"] [unique_id "aZEiclA4tQ9BUKEjnI4ajwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:51:30 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:51:22.154837 2026] [security2:error] [pid 557418:tid 557418] [client 104.207.53.234:33267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "linhsbridal.com"] [uri "/v2/.git/config"] [unique_id "aZD8alZBAAvoSLYADX3HlgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-02-14 22:48:12 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:29:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:29:12.628921 2026] [security2:error] [pid 32124:tid 32124] [client 104.207.53.234:21903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lifetimelearning.science"] [uri "/v2/.git/config"] [unique_id "aZD3OFQZtUamywGnsHYbxQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 147.161.162.167

🇵🇰 103.213.112.188

🇺🇸 216.180.246.49

🇩🇪 213.209.159.231

🇹🇼 198.235.24.101

🇹🇭 182.53.207.106

🇺🇸 162.216.149.217

🇺🇸 147.125.252.43

🇺🇸 136.144.19.162

🇺🇸 135.119.112.115

🇸🇬 103.250.11.116

🇵🇰 103.26.82.26

🇱🇹 81.30.98.44

🇺🇸 66.132.172.211

🇺🇸 65.49.1.217

🇺🇸 65.49.1.35

🇳🇱 45.142.193.164

🇧🇪 34.156.191.201

🇺🇸 18.119.209.50

🇮🇸 5.175.218.131