JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.66

104.207.53.66 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 18%: ?

18%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.66

Whois 104.207.53.66

IP Abuse Reports for 104.207.53.66:

This IP address has been reported a total of 142 times from 18 distinct sources. 104.207.53.66 was first reported on June 6th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-05-22 20:04:33 (2 weeks ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇬🇧 PeravixGroup	2026-05-22 11:32:19 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇨🇳 ThreatBook.io	2026-05-15 22:42:04 (3 weeks ago)	ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/104.207.53.66 20 ... show more ThreatBook Intelligence: vpn_proxy,Gateway more details on https://threatbook.io/ip/104.207.53.66 2026-05-15 08:27:47 /druid/index.html show less	Web App Attack
🇨🇳 ThreatBook.io	2026-04-16 22:34:23 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/104.207.53.66 2026-04-16 16 ... show more ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/104.207.53.66 2026-04-16 16:05:50 /news/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) 2026-04-16 04:34:38 /video/index.php?c=search&catid=23%20and%20(select%201%20from%20(select%20count(),concat(md5(1),floor(rand(0)2))x%20from%20information_schema.tables%20group%20by%20x)a) show less	Web App Attack
🇨🇳 ThreatBook.io	2025-12-07 22:26:17 (5 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/104.207.53.66 202 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/104.207.53.66 2025-12-07 06:18:53 /prod-api/v2/api-docs 2025-12-07 06:18:31 /index.php?s=member&c=api&m=checktitle&id=13&title=123&module=news,(SELECT(CASE%20WHEN%201%20THEN%20EXP(5000)%20ELSE%200%20END))%20as%20aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 2025-12-07 06:18:31 /index.php?s=member&c=api&m=checktitle&id=13&title=123&module=news,(SELECT(CASE%20WHEN%200%20THEN%20EXP(5000)%20ELSE%200%20END))%20as%20aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa show less	Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 13:34:57 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 08:34:54.146288 2025] [security2:error] [pid 23023:tid 23023] [client 104.207.53.66:46519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zacharyschwartzman.com"] [uri "/.git/HEAD"] [unique_id "aS7q_vpTmmthTqLq2CNWCwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 08:27:35 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:27:32.722024 2025] [security2:error] [pid 11603:tid 11603] [client 104.207.53.66:15069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ileronde.com"] [uri "/.svn/wc.db"] [unique_id "aS6i9L98JBru8X2A3NXfuQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:49:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:49:14.855823 2025] [security2:error] [pid 31069:tid 31069] [client 104.207.53.66:60797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accordionstars.com"] [uri "/.git/HEAD"] [unique_id "aS592llMN6zHHcY7gAytiAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 05:20:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:19:56.678405 2025] [security2:error] [pid 26399:tid 26419] [client 104.207.53.66:54263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sloveniaflyfishing.com"] [uri "/.git/HEAD"] [unique_id "aS52_EhlTJHE6APNwDEnBgAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:57:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:57:57.118903 2025] [security2:error] [pid 28191:tid 28191] [client 104.207.53.66:22129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robinnixon.net.nixonpublishing.com"] [uri "/.env"] [unique_id "aSaI1eKHTed89NydRz9ZGwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:42:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:42:07.974265 2025] [security2:error] [pid 5332:tid 5332] [client 104.207.53.66:39115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.paulaperez.com"] [uri "/.git/HEAD"] [unique_id "aSUJb1fDKd8Ws_DuaH4J3wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-11-24 16:39:25 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 05:27:09 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 00:27:05.505682 2025] [security2:error] [pid 27298:tid 27298] [client 104.207.53.66:56029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aabondwnc.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aRLJKfKgcanggHkuX_-pmwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2025-10-29 21:00:54 (7 months ago)		Brute-Force
🇦🇺 AWW-Admin	2025-10-29 13:51:14 (7 months ago)	(wordpress) Failed wordpress login from 104.207.53.66 (GB/United Kingdom/-)	Brute-Force

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 216.155.93.75

🇺🇿 213.230.108.143

🇭🇷 188.252.188.171

🇷🇺 158.58.133.185

🇩🇪 139.19.117.131

🇳🇱 91.92.42.133

🇪🇹 196.188.116.56

🇳🇱 176.65.139.56

🇺🇸 149.115.147.91

🇵🇱 143.20.97.127

🇨🇳 121.225.55.155

🇨🇳 111.61.117.120

🇨🇱 101.44.10.88

🇳🇱 45.8.17.109

🇺🇸 18.97.26.107

🇲🇽 186.96.145.241

🇩🇪 178.254.33.75

🇺🇸 147.185.132.16

🇷🇺 94.243.9.250

🇱🇹 81.30.98.49