JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.128

104.207.53.128 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.128

Whois 104.207.53.128

IP Abuse Reports for 104.207.53.128:

This IP address has been reported a total of 129 times from 16 distinct sources. 104.207.53.128 was first reported on June 22nd 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 ThreatBook.io	2026-05-16 22:23:41 (3 weeks ago)	ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/104.207.53.12 ... show more ThreatBook Intelligence: http_proxy,vpn_proxy more details on https://threatbook.io/ip/104.207.53.128 2026-05-16 13:10:09 /base/post.php,{"body":"act=appcode","content_type":"application/x-www-form-urlencoded","header":{"Accept":["application/x-shockwave-flash, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, /"],"Accept-Encoding":["identity"],"Accept-Language":["zh-cn,zh;q=0.8,en-us;q=0.5,en;q=0.3"],"Content-Length":["11"],"Content-Type":["application/x-www-form-urlencoded"],"Dnt":["1"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Chrome/23.0.1271.64 Safari/537.11"]},"host":"39.129.113.77:8444","method":"POST","proto":"HTTP/1.1","remote_addr":"104.207.53.128:59693","status_code":200,"url":"/base/post.php","user_agent":"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Chrome/23.0.1271.64 Safari/537.11"} show less	Web App Attack
🇦🇺 MAGIC	2026-05-12 00:03:26 (4 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇳 ThreatBook.io	2026-04-12 22:24:20 (1 month ago)	ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.53.1 ... show more ThreatBook Intelligence: http_proxy,Dynamic IP more details on https://threatbook.io/ip/104.207.53.128 2026-04-12 00:59:48 /video/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-20 12:01:29 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 07:01:23.975623 2026] [security2:error] [pid 7363:tid 7385] [client 104.207.53.128:47037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gotogps.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gotogps.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZhNE-hAt8RTn6YtoDHNLgAAARQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-02-14 22:24:06 (3 months ago)	ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.53.128 2 ... show more ThreatBook Intelligence: http_proxy,Zombie more details on https://threatbook.io/ip/104.207.53.128 2026-02-14 02:45:48 /v3/api-docs 2026-02-14 02:45:45 /prod-api/v2/api-docs 2026-02-14 02:45:46 /swagger/v1/swagger.json 2026-02-14 02:45:47 /api/swagger.json 2026-02-14 02:45:47 /swagger/docs/v1 2026-02-14 02:45:46 /v2/api-docs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 06:04:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:03:55.613521 2025] [security2:error] [pid 24610:tid 24610] [client 104.207.53.128:29053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diveshop-pr.com"] [uri "/.env"] [unique_id "aVIZyx-QYVK4EPcKftZqmwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 11:55:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:55:21.153016 2025] [security2:error] [pid 13246:tid 13246] [client 104.207.53.128:20157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.abcollie.com"] [uri "/.git/HEAD"] [unique_id "aSbqqb3sAfEJ11yX3HhDZQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-26 08:38:30 (6 months ago)	"GET /.svn/wc.db HTTP/1.1"	Hacking Web App Attack
🇫🇮 Shaik Sai Meera	2025-11-26 02:45:09 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-26 00:03:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:03:29.152087 2025] [security2:error] [pid 13365:tid 13365] [client 104.207.53.128:18279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.victorvictor.biz"] [uri "/.git/HEAD"] [unique_id "aSZD0ezEo39j21Ia0UK87gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:21:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:21:45.500924 2025] [security2:error] [pid 743:tid 743] [client 104.207.53.128:54791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.the-board-shop.com"] [uri "/.git/HEAD"] [unique_id "aSUgySfCGqgKDnZzgYEaGwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:58:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:58:15.303915 2025] [security2:error] [pid 19455:tid 19455] [client 104.207.53.128:36149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thetallships.com"] [uri "/.git/HEAD"] [unique_id "aSQCB-nxi1ZjKXTLp4pcDAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-23 18:30:41 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 13:30:26.775660 2025] [security2:error] [pid 30607:tid 30607] [client 104.207.53.128:51219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.customteeskilleen.com"] [uri "/.env"] [unique_id "aSNSwg6oRfsj7LaHZkP8wQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Aetherweb Ark	2025-11-18 23:56:42 (6 months ago)	(mod_security) mod_security (id:949110) triggered by 104.207.53.128 (GB/United Kingdom/-): N in the ... show more (mod_security) mod_security (id:949110) triggered by 104.207.53.128 (GB/United Kingdom/-): N in the last X secs show less	Web App Attack

Showing 1 to 15 of 129 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 220.132.88.169

🇬🇧 195.26.44.193

🇵🇾 143.255.140.220

🇧🇷 131.161.249.165

🇺🇸 104.168.79.23

🇮🇩 103.15.226.202

🇷🇺 62.16.41.154

🇬🇧 35.203.210.61

🇬🇧 2a05:d01c:8c7:6800:fa1f:3402:8e79:96c6

🇮🇷 217.219.186.2

🇦🇺 180.222.175.234

🇺🇸 170.106.163.84

🇫🇷 141.94.74.124

🇺🇸 128.203.204.124

🇺🇸 103.143.11.150

🇱🇹 81.30.98.158

🇬🇧 35.189.111.244

🇺🇸 34.11.237.36

🇳🇱 2001:67c:e60:c0c:192:42:116:45

🇲🇽 187.140.57.215