JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.145

104.207.52.145 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.145

Whois 104.207.52.145

IP Abuse Reports for 104.207.52.145:

This IP address has been reported a total of 133 times from 17 distinct sources. 104.207.52.145 was first reported on June 2nd 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-03-20 07:21:32 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:57 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-08 23:59:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 18:59:37.683105 2025] [security2:error] [pid 16418:tid 16418] [client 104.207.52.145:52395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seshetmusic.com"] [uri "/.svn/wc.db"] [unique_id "aTdmaZVYGAW_mk9fp095WQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 22:20:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 17:20:17.988695 2025] [security2:error] [pid 16526:tid 16526] [client 104.207.52.145:53771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimmimorikawa.com"] [uri "/.env"] [unique_id "aTX9oeW4pH3k0tvuIMnJ9AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-06 18:11:13 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-05 07:52:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:52:00.771794 2025] [security2:error] [pid 1707:tid 1707] [client 104.207.52.145:28303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mvseasea.com"] [uri "/.env"] [unique_id "aTKPIFgVOAOoxN9xkjL4JgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 07:31:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 02:31:00.908260 2025] [security2:error] [pid 8155:tid 8163] [client 104.207.52.145:39379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trolanrestoration.com"] [uri "/.git/HEAD"] [unique_id "aTKKNHxqsRXvxcFMc1BgWgAAAIQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 05:51:28 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 00:51:23.408899 2025] [security2:error] [pid 8212:tid 8212] [client 104.207.52.145:39121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artattackgraphics.com"] [uri "/.env"] [unique_id "aTJy21sQ4sjh8pCLOwilcAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 00:40:16 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 19:39:51.177492 2025] [security2:error] [pid 7701:tid 7701] [client 104.207.52.145:43621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "banjogram.com"] [uri "/.svn/wc.db"] [unique_id "aTIp18N-CLE5rcVLO-fXnAAAAHE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:44:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:44:07.466059 2025] [security2:error] [pid 29817:tid 29817] [client 104.207.52.145:42881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.equitysaver.biz"] [uri "/.env"] [unique_id "aSPwpw5qyEMFgf7WnVG9GAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:55:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:55:47.611186 2025] [security2:error] [pid 732:tid 732] [client 104.207.52.145:11801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.anytimesign.com"] [uri "/.env"] [unique_id "aSPlUzd6njJCR5zOIboHagAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 02:26:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 21:26:06.790554 2025] [security2:error] [pid 24367:tid 24367] [client 104.207.52.145:46343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.angelsofrhodeisland.com"] [uri "/.env"] [unique_id "aSPCPrEI0rZqAyyf3nq4GQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-10-16 05:00:59 (7 months ago)	Form spam	Web Spam
🇺🇸 oncord	2025-10-13 09:47:52 (8 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-04-09 06:47:59 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.52.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 02:47:56.605222 2025] [security2:error] [pid 2260489:tid 2260489] [client 104.207.52.145:47877] [client 104.207.52.145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|halblog.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "halblog.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_YYHLyhzLl-y5PyPkfjYQAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 160.251.185.39

🇸🇬 159.65.143.17

🇨🇳 123.160.223.72

🇨🇳 119.98.79.125

🇫🇷 85.217.140.37

🇮🇳 52.172.177.191

🇩🇪 34.179.238.184

🇦🇷 200.89.159.59

🇬🇭 197.251.249.81

🇭🇰 182.16.91.194

🇺🇸 172.239.62.109

🇺🇸 159.203.76.216

🇦🇷 152.170.181.72

🇺🇸 135.237.126.76

🇨🇳 123.144.27.76

🇹🇭 118.194.251.37

🇸🇬 118.26.111.107

🇨🇳 106.12.83.168

🇻🇳 103.241.43.193

🇫🇷 85.217.140.40