JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.12

104.207.52.12 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.12

Whois 104.207.52.12

IP Abuse Reports for 104.207.52.12:

This IP address has been reported a total of 89 times from 19 distinct sources. 104.207.52.12 was first reported on June 18th 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 TPI-Abuse	2026-02-13 13:48:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:48:35.996179 2026] [security2:error] [pid 22833:tid 22833] [client 104.207.52.12:38083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadslibrary.net"] [uri "/.env.save"] [unique_id "aY8rs1GPgG7arp8w1xnmTAAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:28:42 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:28:35.576017 2026] [security2:error] [pid 9254:tid 9254] [client 104.207.52.12:34361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millergrain.com"] [uri "/admin/.git/config"] [unique_id "aY8nA8MJeOSXKR1BhIqZ_gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:55:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:55:45.260730 2026] [security2:error] [pid 24790:tid 24790] [client 104.207.52.12:36325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midwayisland.com"] [uri "/api/.git/config"] [unique_id "aY8fUZ-JTcABrPWPoGRX4AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 09:40:07 (3 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Bedios GmbH	2026-02-13 09:06:31 (3 months ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2026-02-13 08:17:22 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:17:19.180712 2026] [security2:error] [pid 21239:tid 21239] [client 104.207.52.12:64275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mentalmolecule.com"] [uri "/.env"] [unique_id "aY7eD8P_XfQbExmWua7mUwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:37:10 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:37:03.426225 2026] [security2:error] [pid 2401945:tid 2401945] [client 104.207.52.12:24339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maryrosevaro.com"] [uri "/site/.git/config"] [unique_id "aY6qbxfnfJhpRWlD7_YTzwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:21:04 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:20:59.937455 2026] [security2:error] [pid 13134:tid 13134] [client 104.207.52.12:28017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marthasvineyardweddingideas.com"] [uri "/.env"] [unique_id "aY6mq4qVNJNOV6X5j4CEUgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:58:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:58:01.012086 2026] [security2:error] [pid 1202347:tid 1202347] [client 104.207.52.12:22245] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manty.com"] [uri "/.env.staging"] [unique_id "aY6TOa3wcrp1Lw7hIO0kKgAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 17:46:32 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:46:18.527876 2026] [security2:error] [pid 1475901:tid 1475901] [client 104.207.52.12:41063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dillydallyvalley.com"] [uri "/.env"] [unique_id "aY4R6rlyE0EibPp2R--TAQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:39:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:39:42.558684 2026] [security2:error] [pid 23933:tid 23933] [client 104.207.52.12:10797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "connectigramme.com"] [uri "/.env.local"] [unique_id "aY4CTvgQWADBD5oZDSaknQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-12 00:34:53 (3 months ago)	104.207.52.12 - - [12/Feb/2026:00:34:53 +0000] "GET /api/.env HTTP/1.1" 404 6186 "-" "Mozilla/5.0 (W ... show more 104.207.52.12 - - [12/Feb/2026:00:34:53 +0000] "GET /api/.env HTTP/1.1" 404 6186 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 22:10:39 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 17:10:34.962025 2026] [security2:error] [pid 2767514:tid 2767514] [client 104.207.52.12:19053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garrelsms.com"] [uri "/backend/.env"] [unique_id "aYz-WiT5eb7J1sKzf0sCbAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2026-01-15 21:19:15 (4 months ago)	Failed Wordpress login using wp-login.php	Web App Attack

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.5.31.61

🇲🇽 189.149.49.22

🇬🇧 185.166.42.176

🇺🇸 167.71.156.63

🇭🇰 165.154.45.135

🇯🇵 139.162.70.53

🇳🇱 104.23.168.60

🇧🇬 91.191.209.118

🇨🇦 85.217.149.70

🇮🇳 36.255.66.70

🇩🇪 8.209.82.97

🇧🇷 179.221.49.58

🇷🇺 176.124.208.194

🇸🇬 47.245.122.135

🇩🇪 43.165.6.182

🇺🇸 24.217.88.69

🇸🇬 2404:6800:4003:c20::12c

🇩🇰 185.129.61.4

🇺🇸 172.202.118.69

🇺🇸 147.185.132.138