JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.110

104.207.52.110 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 8%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.110

Whois 104.207.52.110

IP Abuse Reports for 104.207.52.110:

This IP address has been reported a total of 140 times from 20 distinct sources. 104.207.52.110 was first reported on June 4th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-19 22:30:14 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇮🇹 [email protected]	2026-04-18 06:20:57 (1 month ago)	[Sat Apr 18 08:20:57.213758 2026] [authz_core:error] [pid 560720:tid 560765] [remote 104.207.52.110: ... show more [Sat Apr 18 08:20:57.213758 2026] [authz_core:error] [pid 560720:tid 560765] [remote 104.207.52.110:61097] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php ... show less	Brute-Force Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-12 04:40:33 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:40:29.837204 2026] [security2:error] [pid 18784:tid 18784] [client 104.207.52.110:24731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "articulaterecords.com"] [uri "/test/.git/config"] [unique_id "aY1ZvS1chvf14oD9rB_u3AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 jjnxpct	2026-02-11 04:53:11 (3 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /admin/.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /admin/.env] show less	Hacking Web App Attack
🇧🇾 lns.bz	2026-02-10 21:05:24 (3 months ago)	.env scanning [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:32:52 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:32:48.679652 2026] [security2:error] [pid 9184:tid 9184] [client 104.207.52.110:28559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "10besthotels.com"] [uri "/v2/.git/config"] [unique_id "aYtPoO9jZp364F50B-jhfwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:04:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:04:44.564829 2026] [security2:error] [pid 27999:tid 27999] [client 104.207.52.110:54265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmnr.net"] [uri "/test/.git/config"] [unique_id "aYq8bN8ABBHsJBs6j_4EKAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:38:16 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:38:05.896409 2026] [security2:error] [pid 2381:tid 2381] [client 104.207.52.110:39007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibcnu.com"] [uri "/.env.local"] [unique_id "aYqoHQvXcquInnHHTveaYwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:52:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:52:47.276116 2026] [security2:error] [pid 30171:tid 30171] [client 104.207.52.110:15241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hxctechllc.com"] [uri "/.env.save"] [unique_id "aYqPbzxF2stoc0ghFmP4ZQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 01:23:03 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:22:56.709416 2026] [security2:error] [pid 5269:tid 5279] [client 104.207.52.110:30435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khalessilaw.com"] [uri "/site/.git/config"] [unique_id "aYqIcLk8htmo_Z-NcJ604QAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-09 22:59:55 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-09	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-09 22:44:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:44:12.288404 2026] [security2:error] [pid 1386:tid 1386] [client 104.207.52.110:52463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "houston-church-of-god.org"] [uri "/.git/config"] [unique_id "aYpjPHkGF7cL5MAbFwmZMQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 22:07:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:07:25.454502 2026] [security2:error] [pid 11491:tid 11491] [client 104.207.52.110:11149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathynash.com"] [uri "/backup/.git/config"] [unique_id "aYpand1FK7nZG3BtpBwxxgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 21:45:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:45:07.845308 2026] [security2:error] [pid 31700:tid 31700] [client 104.207.52.110:51919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotdamnsam.com"] [uri "/api/.env"] [unique_id "aYpVYxG50r2uWGWuUv9lZQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇱 200.83.225.36

🇪🇹 196.190.180.43

🇺🇸 173.248.4.245

🇺🇸 165.154.202.142

🇸🇳 154.124.140.166

🇻🇳 103.166.182.155

🇷🇴 2.57.121.112

🇮🇪 2a05:d018:10df:d400:d63e:99c1:fe10:502c

🇫🇮 147.185.133.168

🇱🇹 81.30.98.142

🇧🇷 45.205.1.240

🇦🇹 45.95.243.135

🇬🇧 35.203.210.44

🇫🇷 193.70.112.123

🇧🇷 186.239.41.74

🇳🇱 176.65.139.56

🇩🇪 167.94.146.50

🇺🇸 135.119.112.78

🇩🇪 92.208.16.254

🇫🇷 91.160.157.134