JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.148

104.207.52.148 was found in our database!

This IP was reported 157 times. Confidence of Abuse is 27%: ?

27%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.148

Whois 104.207.52.148

IP Abuse Reports for 104.207.52.148:

This IP address has been reported a total of 157 times from 27 distinct sources. 104.207.52.148 was first reported on June 7th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇾 lns.bz	2026-06-01 01:56:33 (4 days ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇫🇷 ELYAZ	2026-05-29 21:13:56 (6 days ago)	(y4) Failed scan -byebye- from 104.207.52.148 (GB/United Kingdom/-): (CF_ENABLE)	Hacking
Anonymous	2026-05-29 12:19:38 (1 week ago)	Web attack blocked by Wordfence on kernoverlegsibbe-ijzeren.nl (1 hit). Reported by CRMON.	Web App Attack
🇩🇪 FeG Deutschland	2026-05-29 00:04:44 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇺🇸 ezsystems.com	2026-02-27 09:01:53 (3 months ago)		Web Spam
🇹🇷 rtbh.com.tr	2026-02-13 20:11:35 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2026-02-13 13:43:29 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:43:23.400976 2026] [security2:error] [pid 2786744:tid 2786744] [client 104.207.52.148:27801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadek.com"] [uri "/new/.git/config"] [unique_id "aY8qex8ukubpP0eTh-P8wQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:47:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:47:21.926594 2026] [security2:error] [pid 479:tid 479] [client 104.207.52.148:39997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "midcityrotary.org"] [uri "/admin/.env"] [unique_id "aY8dWf7LZne2kqtQEESvZgAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:15:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:15:51.440793 2026] [security2:error] [pid 18169:tid 18169] [client 104.207.52.148:37683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mexicanfriedicecreammix.com"] [uri "/admin/.env"] [unique_id "aY7rx8mwPEfnSrJAFvAG5QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-02-13 08:50:04 (3 months ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:35:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:35:02.148767 2026] [security2:error] [pid 18722:tid 18744] [client 104.207.52.148:18071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meanmouse.com"] [uri "/v2/.git/config"] [unique_id "aY7GFrI3sTMnaW9GZY2aCgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:58:59 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:58:56.017731 2026] [security2:error] [pid 1908034:tid 1908106] [client 104.207.52.148:50409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masterscertification.com"] [uri "/backup/.git/config"] [unique_id "aY6vkGyow04PUXjo15WVywAAAcg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-13 04:51:53 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:34:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:34:13.291817 2026] [security2:error] [pid 2891:tid 2891] [client 104.207.52.148:35667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marykaydesign.net"] [uri "/v2/.git/config"] [unique_id "aY6pxXkEGYSxQinPB4bL6gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 157 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.238

🇫🇮 204.168.158.186

🇷🇺 178.177.40.36

🇺🇸 172.253.91.144

🇦🇷 138.121.104.37

🇫🇷 45.154.138.104

🇧🇪 34.22.176.211

🇮🇪 3.248.248.40

🇨🇳 182.151.61.36

🇺🇸 167.172.133.85

🇯🇵 133.167.92.227

🇨🇳 14.103.115.143

🇬🇧 2a09:bac5:385a:278::3f:ba

🇷🇺 95.108.213.116

🇹🇷 95.9.191.100

🇳🇱 89.21.67.157

🇳🇱 85.11.167.30

🇺🇸 34.138.223.21

🇵🇰 14.1.106.55

🇮🇳 182.95.43.50