JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.62

104.207.53.62 was found in our database!

This IP was reported 137 times. Confidence of Abuse is 21%: ?

21%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.62

Whois 104.207.53.62

IP Abuse Reports for 104.207.53.62:

This IP address has been reported a total of 137 times from 29 distinct sources. 104.207.53.62 was first reported on June 4th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-06-03 16:19:38 (1 day ago)	Wordpress login attempts	Brute-Force
🇫🇷 ELYAZ	2026-05-31 04:13:41 (5 days ago)	(y4) Failed scan -byebye- from 104.207.53.62 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
🇫🇷 ELYAZ	2026-05-30 03:07:42 (6 days ago)	(y4) Failed scan -byebye- from 104.207.53.62 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-28 20:06:51 (1 week ago)	[server.tmg.gr] httpd-login-spray-site: sites=cardiobridge2023.gr; logs=/var/log/httpd/domains/cardi ... show more [server.tmg.gr] httpd-login-spray-site: sites=cardiobridge2023.gr; logs=/var/log/httpd/domains/cardiobridge2023.gr.log; samples=site_wide=true \| distinct_ips=16 \| /wp-login.php show less	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-09 22:59:32 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-09	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-09 21:31:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:31:23.186845 2026] [security2:error] [pid 31001:tid 31001] [client 104.207.53.62:54419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gardenstateakitaclub.org"] [uri "/.git/config"] [unique_id "aYpSK331yZ175GGndQ_7OwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 etu brutus	2026-02-09 21:05:09 (3 months ago)	104.207.53.62 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:41:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:41:11.490069 2026] [security2:error] [pid 7534:tid 7534] [client 104.207.53.62:14933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamerah.net"] [uri "/frontend/.env"] [unique_id "aYpGZ2u19aZIkvOeWc6i7wAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 20:18:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:18:13.106598 2026] [security2:error] [pid 12159:tid 12159] [client 104.207.53.62:26861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gallodestinationservices.com"] [uri "/api/.env"] [unique_id "aYpBBaJ97wMM1jjIyJd_UwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 17:57:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 12:57:36.955275 2026] [security2:error] [pid 5565:tid 5582] [client 104.207.53.62:49041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furball.co.uk"] [uri "/.env.production"] [unique_id "aYogEDlkrzGQpyYkm24OdAAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:56:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:56:18.152904 2026] [security2:error] [pid 6133:tid 6133] [client 104.207.53.62:36581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gainow.net"] [uri "/backend/.env"] [unique_id "aYm9Us2D6lvspwOODW0-vAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 10:02:11 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 05:02:06.128410 2026] [security2:error] [pid 5731:tid 5731] [client 104.207.53.62:35275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabosoftware.com"] [uri "/api/.git/config"] [unique_id "aYmwnsG1XEQJMYuswwcEaAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 05:22:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 00:22:16.375089 2026] [security2:error] [pid 31385:tid 31385] [client 104.207.53.62:25597] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fundingworkingcapital.com"] [uri "/api/.env"] [unique_id "aYlvCGUQIk96hsRM-2zNAAAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mind5t0rm	2026-01-31 11:51:40 (4 months ago)	(WPLOGIN) WP Login Attack 104.207.53.62 (GB/United Kingdom/-): 3 in the last 3600 secs; Ports: ; Di ... show more (WPLOGIN) WP Login Attack 104.207.53.62 (GB/United Kingdom/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.207.53.62 - - [31/Jan/2026:18:35:27 +0700] "GET /wp-login.php HTTP/2.0" 200 2468 "-" "curl/8.6.0" 104.207.53.62 - - [31/Jan/2026:18:35:28 +0700] "POST /wp-login.php HTTP/2.0" 302 0 "https://www.zerowaterthailand.com/wp-login.php" "curl/8.6.0" 104.207.53.62 - - [31/Jan/2026:18:51:39 +0700] "GET /wp-login.php HTTP/2.0" 200 2452 "-" "curl/7.88.1" show less	Port Scan
🇫🇷 dynamix	2026-01-02 11:06:23 (5 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 137 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 176.88.84.123

🇺🇸 172.190.89.127

🇬🇧 167.71.132.111

🇨🇦 85.217.149.1

🇹🇭 58.11.120.150

🇮🇳 38.183.54.49

🇷🇺 37.77.150.67

🇷🇴 2.57.122.177

🇨🇳 223.199.189.218

🇺🇸 162.216.149.49

🇨🇳 124.174.129.198

🇰🇿 92.47.62.130

🇫🇷 82.67.205.182

🇰🇷 58.226.230.112

🇴🇲 37.40.91.83

🇺🇸 2607:f8b0:4001:c18::12e

🇺🇸 2600:3c03::2000:7eff:febd:cfb1

🇩🇪 213.209.159.241

🇳🇵 202.70.78.237

🇫🇷 172.71.118.189