JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.53.27

104.207.53.27 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.53.27

Whois 104.207.53.27

IP Abuse Reports for 104.207.53.27:

This IP address has been reported a total of 144 times from 20 distinct sources. 104.207.53.27 was first reported on June 14th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-05-08 06:40:07 (4 weeks ago)	Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ... show more Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 mnsf	2026-02-16 00:05:36 (3 months ago)	Scanning/Probing (25)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 12:49:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:49:36.494005 2026] [security2:error] [pid 25756:tid 25756] [client 104.207.53.27:41161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "testrong.com"] [uri "/admin/.env"] [unique_id "aZHA4I-X6NEpqERu5f9CvwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-02-15 12:49:30 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 11:43:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:43:53.358213 2026] [security2:error] [pid 26844:tid 26844] [client 104.207.53.27:36047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tcit.org"] [uri "/v2/.git/config"] [unique_id "aZGxeX3Y5gWUNmYdClwP_gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 06:35:45 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:35:40.659364 2026] [security2:error] [pid 11724:tid 11724] [client 104.207.53.27:62883] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tactara.net"] [uri "/new/.git/config"] [unique_id "aZFpPLuJbP-SWa9d5RNEyAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:34:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:34:45.609984 2026] [security2:error] [pid 19636:tid 19636] [client 104.207.53.27:13947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "susanoneill.us"] [uri "/admin/.git/config"] [unique_id "aZFa9aR2Zmep9VdKcrCeAgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 AvonleaConsulting	2026-02-15 04:52:39 (3 months ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:23:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:23:49.779844 2026] [security2:error] [pid 184121:tid 184188] [client 104.207.53.27:45545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "strengthsmatter.com"] [uri "/app/.git/config"] [unique_id "aZFKVTQWjcuk3jEODCU8vQAAAcQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:49:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:49:44.974876 2026] [security2:error] [pid 4659:tid 4659] [client 104.207.53.27:19315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stevenkloepfer.com"] [uri "/.env.save"] [unique_id "aZFCWDqRN38hLrDKWbvYRAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 03:34:06 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:34:00.216308 2026] [security2:error] [pid 22199:tid 22227] [client 104.207.53.27:64161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steedtimber.com"] [uri "/.env"] [unique_id "aZE-qL6k6LPKjSLyJxBWtgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:45:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:44:55.283636 2026] [security2:error] [pid 28075:tid 28075] [client 104.207.53.27:24975] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naghmehfarahmand.com"] [uri "/admin/.git/config"] [unique_id "aZEzJwDwTTel_nweFNdkHgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:20:44 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:20:39.142660 2026] [security2:error] [pid 30044:tid 30044] [client 104.207.53.27:25133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "speedgo.mx"] [uri "/.env.staging"] [unique_id "aZEtd73OKtxWT64GM36uXAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 02:00:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.53.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:00:20.586215 2026] [security2:error] [pid 3273:tid 3273] [client 104.207.53.27:27007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soviaenterprises.com"] [uri "/dev/.git/config"] [unique_id "aZEotLu6PRZZiLIczhnihgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.104.19.160

🇨🇳 106.117.110.52

🇺🇸 20.163.33.23

🇺🇸 20.96.179.87

🇷🇴 2.57.121.112

🇳🇱 185.223.235.62

🇧🇷 177.174.125.183

🇮🇳 143.110.187.49

🇭🇰 101.36.121.72

🇺🇸 74.82.47.44

🇺🇸 68.235.46.43

🇮🇳 68.183.89.16

🇺🇸 52.146.21.82

🇸🇬 51.79.177.223

🇺🇸 50.255.62.89

🇺🇸 45.146.54.180

🇨🇳 14.103.118.197

🇯🇵 205.234.202.51

🇺🇸 200.10.44.188

🇧🇪 198.235.24.178