JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.200

104.207.53.200 was found in our database!

This IP was reported 172 times. Confidence of Abuse is 3%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.200

Whois 104.207.53.200

IP Abuse Reports for 104.207.53.200:

This IP address has been reported a total of 172 times from 25 distinct sources. 104.207.53.200 was first reported on June 5th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 15:14:51 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-02-15 12:29:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:29:20.643694 2026] [security2:error] [pid 13740:tid 13740] [client 104.207.53.200:36079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "queenscountyparade.org"] [uri "/.env.save"] [unique_id "aZG8IGr_3_zRw5UDw_a7gwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:36:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:36:14.576844 2026] [security2:error] [pid 31982:tid 31982] [client 104.207.53.200:33277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pa-ksa.com"] [uri "/config/.env"] [unique_id "aZGvrlvHAi_GyR9lEorhVQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:05:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:05:18.758015 2026] [security2:error] [pid 1855:tid 1855] [client 104.207.53.200:31697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otrantocapital.com"] [uri "/.env"] [unique_id "aZGobj7yEx_9mY9d5qJ4gAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:55:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:55:27.367057 2026] [security2:error] [pid 971459:tid 971459] [client 104.207.53.200:21087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pscc.com"] [uri "/.env.staging"] [unique_id "aZFt3zdGpKCzVvTsgarrhAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 06:07:47 (3 months ago)	Too many Status 40X (12) Scanning/Probing (12)	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-02-15 05:49:40 (3 months ago)	Try to access /admin/.env	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:44:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:44:17.164949 2026] [security2:error] [pid 22104:tid 22130] [client 104.207.53.200:28135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oldramona.com"] [uri "/new/.git/config"] [unique_id "aZFdMZdbqspsQW1awXBAbgAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:17:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:17:41.862944 2026] [security2:error] [pid 284712:tid 284712] [client 104.207.53.200:37939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nsightsound.com"] [uri "/dev/.git/config"] [unique_id "aZFI5XSgIFYqFWFlHHDTNQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:36:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:36:35.405243 2026] [security2:error] [pid 9759:tid 9759] [client 104.207.53.200:10563] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sagoscapes.com"] [uri "/wp/.git/config"] [unique_id "aZE_Q_hRkj50WkKDS-ywHgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:08:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:08:35.773402 2026] [security2:error] [pid 3581:tid 3581] [client 104.207.53.200:47493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "poland-yacht-registration.com"] [uri "/.env.staging"] [unique_id "aZE4szXIuUgRPbdeY1lsNAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:15:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:15:09.880202 2026] [security2:error] [pid 23286:tid 23311] [client 104.207.53.200:32307] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newports.net"] [uri "/.env.production"] [unique_id "aZEsLZO6c80OtUPzKnPCiAAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 01:44:25 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:44:20.012614 2026] [security2:error] [pid 23981:tid 23981] [client 104.207.53.200:52937] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosecityexpress.com"] [uri "/backup/.git/config"] [unique_id "aZEk9Jb2nOyuSPBAd8SWpAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 OptimusGO	2026-01-13 01:15:25 (4 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-01-13 01:15:15 UTC Log evidence: show less	Port Scan Brute-Force
🇬🇧 OptimusGO	2026-01-10 01:01:13 (5 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-01-10 01:01:13 UTC Log evidence: show less	Port Scan Brute-Force

Showing 1 to 15 of 172 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a940:302:118:0:27::

🇧🇷 201.77.175.200

🇮🇳 103.188.48.226

🇷🇴 80.94.92.165

🇳🇱 45.142.193.139

🇫🇷 82.208.22.35

🇯🇵 59.128.198.150

🇳🇱 45.153.34.112

🇬🇧 35.203.210.94

🇰🇷 34.64.116.121

🇫🇮 5.181.169.63

🇧🇪 198.235.24.214

🇨🇳 182.44.2.93

🇨🇳 117.50.209.123

🇨🇱 93.180.210.18

🇱🇹 81.30.98.144

🇻🇪 38.159.50.164

🇳🇱 23.109.176.19

🇸🇪 20.240.241.205

🇰🇷 14.37.206.136