JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.162

104.207.52.162 was found in our database!

This IP was reported 138 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.162

Whois 104.207.52.162

IP Abuse Reports for 104.207.52.162:

This IP address has been reported a total of 138 times from 17 distinct sources. 104.207.52.162 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NXTwoThou	2026-05-16 13:03:15 (3 weeks ago)	/wp-json/gravitysmtp/v1/tests/mock-data%3Fpage=gravitysmtp-settings	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:41:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:41:11.493923 2026] [security2:error] [pid 30721:tid 30840] [client 104.207.52.162:57229] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lead-sleds.com"] [uri "/.env.staging"] [unique_id "aY8p93n14D_6H7Jxr0d3kwAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:14:43 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:14:40.166988 2026] [security2:error] [pid 17950:tid 17950] [client 104.207.52.162:62845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikeziegler.com"] [uri "/new/.git/config"] [unique_id "aY8jwFD8tGRJA0Ck5oVqawAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:42:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:42:51.068359 2026] [security2:error] [pid 20938:tid 20938] [client 104.207.52.162:64529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "micahgartman.com"] [uri "/.env.staging"] [unique_id "aY7yGwHLjixzGJjJ-cSP-QAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:35:13 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.52.162 (GB/United Kingdom/- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.52.162 (GB/United Kingdom/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:27:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:27:03.101901 2026] [security2:error] [pid 2601945:tid 2601945] [client 104.207.52.162:20109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martinsgenser.com"] [uri "/frontend/.env"] [unique_id "aY6oF2RkUEsnVWQnhow3PAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:41:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:41:44.846407 2026] [security2:error] [pid 3190:tid 3202] [client 104.207.52.162:55507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.us"] [uri "/backend/.env"] [unique_id "aY6dePb4CmTCRsawBB7GoAAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-02-13 02:20:34 (3 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:13:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:13:47.101699 2026] [security2:error] [pid 14414:tid 14414] [client 104.207.52.162:22803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazinesubscriptionsusa.com"] [uri "/api/.env"] [unique_id "aY56yxERjIQYbYoqc4nPUAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 15:47:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:47:04.207554 2026] [security2:error] [pid 1064809:tid 1064865] [client 104.207.52.162:38743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "degreesoflove.com"] [uri "/.git/config"] [unique_id "aY31-L-fzED4SzVk2ONwLgAAAdc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-11 01:11:36 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.52.162 (GB/United Kingdom/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-10 16:01:23 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 11:01:19.404887 2026] [security2:error] [pid 14622:tid 14622] [client 104.207.52.162:19361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fsmfl.com"] [uri "/wp/.git/config"] [unique_id "aYtWT_VwWfly6-6f3qSexgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2025-12-02 18:55:00 (6 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2025-12-02 05:14:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:14:41.339709 2025] [security2:error] [pid 6124:tid 6124] [client 104.207.52.162:13367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "khovanov.com"] [uri "/.git/HEAD"] [unique_id "aS51wbzcstgptBuPO4yV9gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-02 04:45:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:45:33.938587 2025] [security2:error] [pid 1738:tid 1738] [client 104.207.52.162:22939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brandsrepairandremodeling.com"] [uri "/.env"] [unique_id "aS5u7S39ti9srIfc218CxgAAABE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 138 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.135

🇩🇪 185.244.40.213

🇫🇮 74.125.74.25

🇺🇸 65.49.1.120

🇬🇧 31.14.254.46

🇨🇷 201.207.239.236

🇸🇦 154.205.134.214

🇫🇮 147.185.133.191

🇬🇧 31.14.254.32

🇬🇧 5.226.140.9

🇦🇲 5.77.202.208

🇨🇳 222.138.150.61

🇨🇳 123.160.175.168

🇻🇳 113.172.138.183

🇭🇰 101.36.112.103

🇫🇷 85.217.140.46

🇺🇸 72.240.125.133

🇷🇴 2.57.121.25

🇩🇪 213.209.159.241

🇺🇸 185.92.182.129