JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.136

104.207.53.136 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.136

Whois 104.207.53.136

IP Abuse Reports for 104.207.53.136:

This IP address has been reported a total of 133 times from 18 distinct sources. 104.207.53.136 was first reported on June 8th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-11-25 06:22:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:22:33.529573 2025] [security2:error] [pid 27101:tid 27101] [client 104.207.53.136:51297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.chipnado.com"] [uri "/.svn/wc.db"] [unique_id "aSVLKajoprxgoffsqn-CDwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 05:19:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:19:45.992060 2025] [security2:error] [pid 24175:tid 24175] [client 104.207.53.136:13423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gdhlgroup.com"] [uri "/.git/HEAD"] [unique_id "aSU8cQ1J0xpLtDORqgvF4QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:51:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:51:40.525865 2025] [security2:error] [pid 32650:tid 32650] [client 104.207.53.136:47515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wwts.io"] [uri "/.git/HEAD"] [unique_id "aSUnzDfTbskeKhBihQIoAgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:32:46 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:32:42.008129 2025] [security2:error] [pid 11577:tid 11577] [client 104.207.53.136:24763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.hoofprints.us"] [uri "/.svn/wc.db"] [unique_id "aSUVSt0-oM_ZVpeQOlqrUQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:00:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:00:48.660552 2025] [security2:error] [pid 13399:tid 13399] [client 104.207.53.136:18869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.desdier.com"] [uri "/.svn/wc.db"] [unique_id "aST_wMkZANzrGMbJGI2-uwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 00:32:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:31:54.369944 2025] [security2:error] [pid 30089:tid 30089] [client 104.207.53.136:16517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kirt.us"] [uri "/.env"] [unique_id "aST4-mpr_efe1Bb5L1OvzgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:54:56 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:54:51.435753 2025] [security2:error] [pid 4567:tid 4567] [client 104.207.53.136:16739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mthoodmuseum.midwayisland.com"] [uri "/.svn/wc.db"] [unique_id "aSQdW_ybfw1ng8cF4W2X5wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:09:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:09:15.805908 2025] [security2:error] [pid 31102:tid 31102] [client 104.207.53.136:26067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.janajjmcgraw.com"] [uri "/.svn/wc.db"] [unique_id "aSPoe-B-UyHICguNn3XJrAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-07 07:04:14 (7 months ago)	[redacted] 104.207.53.136 - - [07/Nov/2025:08:03:58 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" " ... show more [redacted] 104.207.53.136 - - [07/Nov/2025:08:03:58 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.44 Safari/537.36" [redacted] 104.207.53.136 - - [07/Nov/2025:08:03:59 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0_3 like Mac OS X) AppleWebKit/604.1.34 (KHTML, like Gecko) CriOS/62.0.3202.70 Mobile/15A432 Safari/604.1" [redacted] 104.207.53.136 - - [07/Nov/2025:08:04:00 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.1) Gecko/2008070206 Firefox/3.0.1" [redacted] 104.207.53.136 - - [07/Nov/2025:08:04:03 +0100] "POST /xmlrpc.php HTTP/2.0" 200 448 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.04506.30)" [redacted] 104.207.53.136 - - [07/Nov/2025:08:04:04 +0100] "POST /xmlrpc.php HTTP/2.0 ... show less	Hacking Web App Attack
🇧🇪 madeit	2025-11-04 17:54:01 (7 months ago)		Web App Attack
Anonymous	2025-10-30 14:32:29 (7 months ago)	WordPress Brute Force	Brute-Force
🇩🇪 ps-center	2025-10-27 10:00:22 (7 months ago)	C1-W: TCP-Scanner. Port: 22	Port Scan
🇵🇱 sefinek.net	2025-10-27 07:03:01 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-10-11 05:58:49 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-10 14:31:54 (7 months ago)	Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report ti ... show more Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2a00:1450:4013:c06::12d

🇳🇱 45.156.87.253

🇳🇱 45.148.10.147

🇧🇪 34.62.136.239

🇲🇽 201.141.17.227

🇭🇰 199.45.155.78

🇦🇷 190.7.35.232

🇺🇸 162.217.161.21

🇰🇷 118.37.214.187

🇺🇸 104.237.245.211

🇺🇸 64.62.156.180

🇽🇰 46.99.46.154

🇫🇮 34.88.4.106

🇺🇸 34.48.190.69

🇫🇷 213.32.19.170

🇹🇳 197.5.145.150

🇧🇷 179.232.136.22

🇻🇳 171.225.184.128

🇯🇵 163.44.101.215

🇻🇳 112.137.143.2