JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.42

104.207.53.42 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.42

Whois 104.207.53.42

IP Abuse Reports for 104.207.53.42:

This IP address has been reported a total of 127 times from 14 distinct sources. 104.207.53.42 was first reported on June 4th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2025-11-26 08:14:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:14:37.205215 2025] [security2:error] [pid 26510:tid 26510] [client 104.207.53.42:17499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.argentinas.com"] [uri "/.svn/wc.db"] [unique_id "aSa27ZaWsuxxG4DH2uPckgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 05:35:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:35:11.683201 2025] [security2:error] [pid 27597:tid 27597] [client 104.207.53.42:25111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jemsfood.com"] [uri "/.svn/wc.db"] [unique_id "aSaRj90hE9DtEGuydJdV4AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:24:26 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:24:20.717751 2025] [security2:error] [pid 24704:tid 24704] [client 104.207.53.42:36459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.cvtheory.com"] [uri "/.svn/wc.db"] [unique_id "aSZk1GVfo4l7OHeBX4frBQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:05:38 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:05:35.132744 2025] [security2:error] [pid 7160:tid 7160] [client 104.207.53.42:39967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.36hoursonly.com"] [uri "/.git/HEAD"] [unique_id "aSZSXzJSuW3ao7GZN0HOWwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 08:54:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:54:05.303130 2025] [security2:error] [pid 28548:tid 28548] [client 104.207.53.42:9171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.blackriverarc.org"] [uri "/.env"] [unique_id "aSQdLWr8I_nyEudxuv_zsAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:40:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:40:16.508707 2025] [security2:error] [pid 10695:tid 10821] [client 104.207.53.42:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.magicdiscovery.com"] [uri "/.git/HEAD"] [unique_id "aSP90CFZz-lT68YT4kPTRwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 00:39:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 19:17:07.811979 2025] [security2:error] [pid 25948:tid 25948] [client 104.207.53.42:36605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.embossednapkins.com"] [uri "/.svn/wc.db"] [unique_id "aSOkAzfLbJfnMSx_a1A6rAAAAD0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-09 10:48:51 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 104.207.53.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 05:48:44.021782 2025] [security2:error] [pid 28727:tid 28727] [client 104.207.53.42:38487] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.marat.info\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.marat.info"] [uri "/s3cmd.ini"] [unique_id "aRBxjOXK-y5jMGpfKDdkmAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-11-01 03:31:12 (7 months ago)	622 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇩🇪 Marc	2025-10-29 20:12:49 (7 months ago)		Brute-Force
Anonymous	2025-10-16 10:58:02 (7 months ago)	WordPress Brute Force	Brute-Force
🇦🇺 oncord	2025-10-09 12:46:19 (7 months ago)	Form spam	Web Spam
🇪🇸 10dencehispahard SL	2025-10-09 05:46:11 (7 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇦🇺 oncord	2025-10-07 13:24:05 (8 months ago)	Form spam	Web Spam

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.177.179.146

🇬🇧 195.96.139.169

🇳🇱 185.242.226.92

🇺🇸 152.32.207.124

🇺🇸 143.198.225.197

🇨🇳 118.196.134.248

🇹🇼 110.25.114.8

🇭🇰 101.36.122.129

🇨🇦 66.85.30.4

🇯🇵 35.189.151.182

🇩🇪 34.179.188.22

🇦🇺 34.151.129.95

🇺🇸 34.125.31.131

🇮🇳 34.100.193.82

🇮🇳 34.100.169.123

🇭🇰 34.92.162.232

🇧🇪 34.79.94.141

🇧🇪 34.78.204.11

🇰🇷 34.64.95.83

🇺🇸 34.16.250.90