JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.38

104.207.53.38 was found in our database!

This IP was reported 130 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.38

Whois 104.207.53.38

IP Abuse Reports for 104.207.53.38:

This IP address has been reported a total of 130 times from 15 distinct sources. 104.207.53.38 was first reported on June 11th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2025-12-28 03:03:47 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-09 19:37:23 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 14:37:17.314427 2025] [security2:error] [pid 16878:tid 16878] [client 104.207.53.38:10255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "musiclipsapp.com"] [uri "/.env"] [unique_id "aTh6bU6X2ig7xxbFmaeLjgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 23:59:30 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 18:59:26.788085 2025] [security2:error] [pid 28104:tid 28104] [client 104.207.53.38:55289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dutchgreenrecycling.com"] [uri "/.git/HEAD"] [unique_id "aTdmXn-0rCrfOaLndgoYqgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-08 05:34:58 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 00:34:50.580379 2025] [security2:error] [pid 8246:tid 8246] [client 104.207.53.38:38641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adoniahenterprises.com"] [uri "/.svn/wc.db"] [unique_id "aTZjelN53mmUGhKw1VOONAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:14:45 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:14:37.533668 2025] [security2:error] [pid 20995:tid 20995] [client 104.207.53.38:20613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gazelleplanner.com"] [uri "/.env"] [unique_id "aTX8Te64vWKYOd4eElfGfgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 15:27:57 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 10:27:54.395002 2025] [security2:error] [pid 29852:tid 29852] [client 104.207.53.38:29175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tucek.org"] [uri "/.git/HEAD"] [unique_id "aTWc-qtdoqRkitkBF2BYKAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 21:48:43 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 16:48:37.555288 2025] [security2:error] [pid 21316:tid 21316] [client 104.207.53.38:56715] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "famagustacyprus.eu"] [uri "/.svn/wc.db"] [unique_id "aTNTNStF9ptFgqlTCc77uQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 03:48:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 22:48:38.033866 2025] [security2:error] [pid 11580:tid 11580] [client 104.207.53.38:27407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "interforce.com"] [uri "/.svn/wc.db"] [unique_id "aTJWFphI6VxAeE34Ar-HcQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:35:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:35:31.714226 2025] [security2:error] [pid 11412:tid 11412] [client 104.207.53.38:24621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beach98.com"] [uri "/.svn/wc.db"] [unique_id "aSQY0zgpMT6IVXDm7NBO6gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:20:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:19:59.860576 2025] [security2:error] [pid 29721:tid 29721] [client 104.207.53.38:14135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.bjennehall.com"] [uri "/.svn/wc.db"] [unique_id "aSP5D2GJ5kLuXyeMo42-bQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:28:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:28:35.833693 2025] [security2:error] [pid 3336553:tid 3336553] [client 104.207.53.38:38311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.capitaz.com"] [uri "/.git/HEAD"] [unique_id "aSPtAxdnNblH4vsbeHrFUAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 03:42:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:42:09.795444 2025] [security2:error] [pid 31957:tid 31957] [client 104.207.53.38:25029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "26c.org"] [uri "/.svn/wc.db"] [unique_id "aSPUES-rzKIQSvzePbjA_AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2025-11-06 23:01:45 (6 months ago)	Repeated request on blocked xmlrpc.php. 104.207.53.38 - - [07/Nov/2025:00:01:43 +0100] "POST /xmlrpc ... show more Repeated request on blocked xmlrpc.php. 104.207.53.38 - - [07/Nov/2025:00:01:43 +0100] "POST /xmlrpc.php HTTP/1.1" 400 230 "-" "Opera/9.80 (Android; Opera Mini/7.5.54678/28.2555; U; ru) Presto/2.10.289 Version/12.02" show less	Web App Attack
Anonymous	2025-10-18 15:17:57 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.18 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-17 21:07:53 (7 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.17 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 130 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.240.36

🇳🇴 185.12.59.117

🇩🇪 167.94.146.42

🇯🇵 103.163.220.251

🇺🇸 64.62.197.227

🇬🇧 35.203.210.213

🇪🇸 5.182.83.231

🇬🇧 193.163.125.11

🇳🇱 185.242.226.60

🇺🇸 146.88.241.174

🇨🇳 118.122.147.49

🇲🇦 81.192.46.36

🇺🇸 66.132.172.188

🇺🇸 54.89.178.178

🇳🇱 45.148.10.67

🇧🇪 34.156.61.86

🇰🇷 1.176.118.246

🇮🇳 205.254.176.152

🇧🇷 205.210.31.246

🇧🇷 188.208.116.149