JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.31

104.207.53.31 was found in our database!

This IP was reported 134 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.31

Whois 104.207.53.31

IP Abuse Reports for 104.207.53.31:

This IP address has been reported a total of 134 times from 15 distinct sources. 104.207.53.31 was first reported on June 5th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-06 01:03:44 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.53.31 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.53.31 (GB/United Kingdom/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 mnsf	2026-02-16 00:05:43 (4 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇨🇭 Origon	2026-02-15 12:03:11 (4 months ago)	http-sensitive-files - IP: 104.207.53.31 - time="2026-02-15T13:03:11+01:00" level=info msg="(555f66 ... show more http-sensitive-files - IP: 104.207.53.31 - time="2026-02-15T13:03:11+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.53.31 (GB/200373) : 4h ban on Ip 104.207.53.31" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:51:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:51:41.800962 2026] [security2:error] [pid 7471:tid 7471] [client 104.207.53.31:15227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suedblick.com"] [uri "/admin/.env"] [unique_id "aZFQ3W09fh6KisZceJJWigAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-15 03:49:54 (4 months ago)	Blocking for trying to access an exploit file: /wp/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-15 03:15:35 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:15:27.983912 2026] [security2:error] [pid 26234:tid 26234] [client 104.207.53.31:37133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stansco.com"] [uri "/app/.git/config"] [unique_id "aZE6TwK6lAB3KSdhwL9kMwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:11:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:11:03.411369 2026] [security2:error] [pid 32333:tid 32333] [client 104.207.53.31:13741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "muddybuddypals.com"] [uri "/api/.git/config"] [unique_id "aZEdJ7ZLc-v2X-YyHrM87gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:51:13 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:51:05.972131 2026] [security2:error] [pid 663324:tid 663324] [client 104.207.53.31:44505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrcd.org"] [uri "/backup/.git/config"] [unique_id "aZEYedfmjm75jWIkr9WtAwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-15 00:34:27 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:31:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:31:33.743064 2026] [security2:error] [pid 26998:tid 26998] [client 104.207.53.31:41067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lozzy.net"] [uri "/wp/.git/config"] [unique_id "aZET5WqFZ0mJBpXQxLc3tAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-14 23:06:11 (4 months ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-14 22:59:25 (4 months ago)	Auto-ban: >3000 req/min op 2026-02-14	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-14 22:50:08 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:49:58.822242 2026] [security2:error] [pid 10051:tid 10051] [client 104.207.53.31:59511] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "morganmotors.com"] [uri "/.env.staging"] [unique_id "aZD8FsqWcr-D38fPBWX7PgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:03:45 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:03:39.496685 2026] [security2:error] [pid 8743:tid 8743] [client 104.207.53.31:24085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lewpratt.com"] [uri "/site/.git/config"] [unique_id "aZDxOx_JWUvFnN-eGUrDkQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 21:39:51 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:39:42.621584 2026] [security2:error] [pid 20389:tid 20389] [client 104.207.53.31:50503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lemoulinavent.org"] [uri "/frontend/.env"] [unique_id "aZDrng78NqHM2djx4P3dLAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 134 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.250

🇫🇮 147.185.133.2

🇨🇳 119.39.192.224

🇨🇳 117.57.106.181

🇺🇸 162.216.149.210

🇮🇳 125.19.159.186

🇮🇳 103.168.241.32

🇬🇧 87.236.176.157

🇺🇸 34.213.145.105

🇮🇳 13.71.92.229

🇳🇱 176.65.139.247

🇷🇴 141.98.83.240

🇻🇳 103.183.119.48

🇬🇧 101.36.97.88

🇩🇪 69.5.169.230

🇸🇰 46.229.233.132

🇸🇬 43.134.167.218

🇹🇿 41.93.28.23

🇮🇹 209.227.244.120

🇺🇸 194.34.105.176