JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.247

104.207.53.247 was found in our database!

This IP was reported 169 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.247

Whois 104.207.53.247

IP Abuse Reports for 104.207.53.247:

This IP address has been reported a total of 169 times from 29 distinct sources. 104.207.53.247 was first reported on June 11th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-07 11:53:47 (1 month ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-02-19 05:43:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:42:57.459099 2026] [security2:error] [pid 5948:tid 5948] [client 104.207.53.247:51571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kulprid.com"] [uri "/.env"] [unique_id "aZai4WF-E71JenKv2RSO_gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 02:38:34 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:38:27.266509 2026] [security2:error] [pid 19712:tid 19712] [client 104.207.53.247:58189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keaborner.com"] [uri "/app/.git/config"] [unique_id "aZZ3o4HnCbbKX_prfAzqIQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 23:52:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:52:20.089127 2026] [security2:error] [pid 13595:tid 13595] [client 104.207.53.247:44427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vintagetejas.com"] [uri "/.env"] [unique_id "aZZQtPQiqiOuGxURjKNo_QAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 23:21:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:21:17.171152 2026] [security2:error] [pid 27934:tid 27934] [client 104.207.53.247:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vertubet.com"] [uri "/.env"] [unique_id "aZZJbWATRl5M6Ti-YEd1igAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-02-18 12:42:19 (3 months ago)	http-sensitive-files - IP: 104.207.53.247 - time="2026-02-18T13:42:19+01:00" level=info msg="(555f6 ... show more http-sensitive-files - IP: 104.207.53.247 - time="2026-02-18T13:42:19+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.53.247 (GB/200373) : 4h ban on Ip 104.207.53.247" module=db show less	Web App Attack
🇺🇸 mnsf	2026-02-16 00:05:36 (4 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:51:05 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:50:56.967539 2026] [security2:error] [pid 5506:tid 5506] [client 104.207.53.247:57007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testrong.com"] [uri "/api/.git/config"] [unique_id "aZHBMJbRv6eoclgkIksInAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-15 12:51:02 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:27:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:26:49.007068 2026] [security2:error] [pid 12082:tid 12082] [client 104.207.53.247:20445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title23.com"] [uri "/.env.production"] [unique_id "aZG7iXoXxi9XOhU4tQqVpwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:52:23 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:52:18.779687 2026] [security2:error] [pid 9436:tid 9436] [client 104.207.53.247:11531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thunderbirdchimes.com"] [uri "/admin/.git/config"] [unique_id "aZGzclBwJgIkZSWdSRqoLAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:16:39 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:16:32.106242 2026] [security2:error] [pid 25253:tid 25253] [client 104.207.53.247:26213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetallships.com"] [uri "/.env.production"] [unique_id "aZGrEAYw7rsEY-HWLhErNwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 06:32:10 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:52:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:52:12.765908 2026] [security2:error] [pid 349457:tid 349457] [client 104.207.53.247:34809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swetzer.net"] [uri "/new/.git/config"] [unique_id "aZFfDPT1InoU0yKgZmPr3wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:33:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:33:52.223941 2026] [security2:error] [pid 4336:tid 4336] [client 104.207.53.247:10649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susansimmons.net"] [uri "/.env"] [unique_id "aZFawOOexGp-DVE9cv4JJwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 169 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:fb5::280

🇨🇳 221.13.234.187

🇺🇸 205.210.31.66

🇮🇩 203.175.125.179

🇺🇸 191.102.163.53

🇨🇴 186.169.86.3

🇺🇸 172.71.223.163

🇺🇸 147.185.132.22

🇵🇱 138.124.20.112

🇨🇦 85.217.149.72

🇩🇪 69.5.169.209

🇩🇪 63.177.84.234

🇨🇳 61.53.79.120

🇺🇸 34.127.116.246

🇺🇸 34.21.1.141

🇨🇦 24.225.207.45

🇹🇭 223.207.244.62

🇫🇮 194.124.210.127

🇳🇱 192.42.116.50

🇦🇿 185.40.34.211