JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.53

104.207.55.53 was found in our database!

This IP was reported 160 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.53

Whois 104.207.55.53

IP Abuse Reports for 104.207.55.53:

This IP address has been reported a total of 160 times from 25 distinct sources. 104.207.55.53 was first reported on June 18th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-23 06:52:54 (3 weeks ago)	wordpress authentication brute force	Brute-Force Web App Attack
🇪🇸 robotstxt	2026-05-07 16:26:45 (1 month ago)	104.207.55.53 - - [07/May/2026:16:26:07 +0000] "POST /wp-login.php:[email protected]/xmlrpc.ph ... show more 104.207.55.53 - - [07/May/2026:16:26:07 +0000] "POST /wp-login.php:[email protected]/xmlrpc.php HTTP/1.1" 404 45400 "-" rt="0.570" "Wget/1.21.4" "-" h="economipedia.com" sn="economipedia.com" ru="/wp-login.php:[email protected]/xmlrpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/economipedia83.sock" us="404" uct="0.000" urt="0.456" 104.207.55.53 - - [07/May/2026:16:26:11 +0000] "POST /wp-login.php:[email protected]/xmlrpc.php HTTP/1.1" 404 45399 "-" rt="0.592" "curl/7.88.1" "-" h="economipedia.com" sn="economipedia.com" ru="/wp-login.php:[email protected]/xmlrpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/economipedia83.sock" us="404" uct="0.000" urt="0.482" 104.207.55.53 - - [07/May/2026:16:26:07 +0000] "POST /wp-login.php:[email protected]/xmlrpc.php HTTP/1.1" 404 45400 "-" "Wget/1.21.4" "-" 104.207.55.53 - - [07/May/2026:16:26:11 +0000] "POST /wp-login.php:[email protected]/xmlrpc.php HTTP/1.1" 404 45399 "-" "curl/7.88.1" "-" 104.207.55 ... show less	Bad Web Bot
🇦🇺 oncord	2026-03-12 19:53:23 (3 months ago)	Form spam	Web Spam
🇳🇱 homeshowdomain.nl	2026-02-15 22:59:35 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-15	Hacking Web App Attack SSH
🇩🇪 paissangroup	2026-02-15 11:51:35 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:45:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:45:53.457926 2026] [security2:error] [pid 30803:tid 30803] [client 104.207.55.53:34373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "page-wide.com"] [uri "/.env"] [unique_id "aZGx8UA4KprQUWPSMeGgawAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 10:52:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 05:52:26.431333 2026] [security2:error] [pid 2789:tid 2789] [client 104.207.55.53:56707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oruguitas.org"] [uri "/backend/.env"] [unique_id "aZGlao1N0FYSdj7JNEIykQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:10:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:09:57.505158 2026] [security2:error] [pid 1836:tid 1860] [client 104.207.55.53:40533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oneringnetwork.net"] [uri "/.env.local"] [unique_id "aZFjNfaxUwTOactKDP5AAgAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-02-15 05:04:46 (3 months ago)	(modsecurity) srv201 ModSecurity 104.207.55.53 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Di ... show more (modsecurity) srv201 ModSecurity 104.207.55.53 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:49:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:49:31.523136 2026] [security2:error] [pid 6954:tid 6954] [client 104.207.55.53:9959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanvayu.com"] [uri "/v2/.git/config"] [unique_id "aZFQW_Zjr5JmrmrD_umMCAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-15 04:30:34 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.55.53 (DE/Germany/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-15 04:26:50 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:26:43.957789 2026] [security2:error] [pid 18181:tid 18181] [client 104.207.55.53:54191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "numeralla.com"] [uri "/.env"] [unique_id "aZFLAwqXAu8SuJ2utelBCgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:06:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:06:46.801342 2026] [security2:error] [pid 5017:tid 5017] [client 104.207.55.53:15259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powerbypage.com"] [uri "/.env.staging"] [unique_id "aZFGVglJ1yGqh0U0IHkVegAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:31:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:31:28.186817 2026] [security2:error] [pid 9914:tid 9914] [client 104.207.55.53:42437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nolaanimereviews.com"] [uri "/frontend/.env"] [unique_id "aZE-EJwXLVLqEQ6VtB8oEwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mr-Money	2026-02-15 03:27:57 (3 months ago)	scenario: crowdsecurity/http-sensitive-files - events: 5	Hacking Web App Attack

Showing 1 to 15 of 160 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.190.200

🇳🇱 91.92.40.12

🇭🇰 8.217.99.120

🇧🇷 205.210.31.145

🇨🇳 182.45.41.75

🇮🇩 182.1.135.255

🇮🇳 103.190.7.203

🇮🇳 40.81.224.200

🇪🇸 212.30.33.145

🇲🇽 189.147.19.238

🇫🇷 185.177.72.12

🇳🇱 176.65.131.192

🇳🇱 160.119.69.14

🇨🇳 115.201.194.197

🇺🇸 113.20.4.9

🇳🇱 91.92.40.7

🇪🇪 46.36.220.220

🇭🇰 18.163.129.44

🇮🇩 210.79.191.76

🇳🇱 185.236.20.195