JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.197

104.207.52.197 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 1%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.197

Whois 104.207.52.197

IP Abuse Reports for 104.207.52.197:

This IP address has been reported a total of 123 times from 12 distinct sources. 104.207.52.197 was first reported on June 4th 2024, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-23 05:03:15 (4 weeks ago)		Bad Web Bot
🇱🇻 garmtech.com	2026-03-30 06:06:55 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇪🇸 librebit	2026-03-29 02:01:58 (2 months ago)	Brute force	Brute-Force
🇮🇹 VHosting	2026-02-23 13:35:09 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 15:40:07 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:40:03.028728 2026] [security2:error] [pid 1817479:tid 1817491] [client 104.207.52.197:10261] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "antinats.com"] [uri "/.git/config"] [unique_id "aYtRU_Y2fg-JP7s85ZYzewAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:01:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:01:47.460971 2026] [security2:error] [pid 11469:tid 11469] [client 104.207.52.197:16381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idledog.com"] [uri "/.env.production"] [unique_id "aYq7u1h4RZvc1xnrl4dOcgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:31:02 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:30:54.291242 2026] [security2:error] [pid 1845:tid 1845] [client 104.207.52.197:63491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kleens-uk.com"] [uri "/site/.git/config"] [unique_id "aYq0fpwAvcehnOHRYZ5YNQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 03:11:33 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:11:29.019867 2026] [security2:error] [pid 21551:tid 21551] [client 104.207.52.197:22409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kinnaird.enterprises"] [uri "/.env.save"] [unique_id "aYqh4d2tXsaBEuEIz-ZANQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:17:57 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:17:49.070415 2026] [security2:error] [pid 23257:tid 23275] [client 104.207.52.197:51405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killyourattitude.com"] [uri "/api/.env"] [unique_id "aYqVTXufXfAJQmS5a-_MvAAAAU4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:53:27 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:53:23.862369 2026] [security2:error] [pid 3436:tid 3436] [client 104.207.52.197:30423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenirving.com"] [uri "/backend/.env"] [unique_id "aYpzc3MzWm8O0t-YF2dO2gAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-02-09 23:37:28 (4 months ago)	Blocking for trying to access an exploit file: /app/.git/config	Hacking
🇺🇸 TPI-Abuse	2026-02-09 22:56:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 17:56:08.626761 2026] [security2:error] [pid 5899:tid 5908] [client 104.207.52.197:19209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howiek.com"] [uri "/v2/.git/config"] [unique_id "aYpmCBiTYUJElKef9bxiqgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 19:45:15 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:45:10.136219 2026] [security2:error] [pid 14020:tid 14020] [client 104.207.52.197:59499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homebuilt.org"] [uri "/frontend/.env"] [unique_id "aYo5Rswd6fVgz-I-RlK8gQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2026-01-01 02:38:09 (5 months ago)	(From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to ... show more (From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — affiliate links, this will be relevant. One issue I see constantly is that monetization is treated as something you “add later,” instead of something that’s designed into the site from the beginning. That usually leads to: random placement of links unclear visitor intent unpredictable income It works, but never consistently. I put together a short explanation of why this happens and what changes once monetization is structured properly: https://marketersmentor.com/recurring-income-system.php?refer=burnschiro.com You’ll know quickly whether this applies to your situation. Jayrn PS: And one quick note so you’re not wondering why you’re hearing from me: I only reach out to website owners because they’re the ones actively building something online. I’m not blasting random emails. I’m simply sharing a resource that has been helping a lot of people create predictable online in show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-11-25 07:28:59 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:28:56.333380 2025] [security2:error] [pid 31097:tid 31103] [client 104.207.52.197:14761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fevini.com"] [uri "/.git/HEAD"] [unique_id "aSVauLq9tJPt7N9iC1MQewAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.182.183.153

🇧🇳 118.103.253.188

🇱🇹 81.30.98.62

🇳🇱 45.148.10.141

🇬🇷 2a02:587:a100:9500:593d:77e4:7fc8:451e

🇬🇧 193.163.125.149

🇺🇸 172.203.245.192

🇧🇷 168.181.172.242

🇩🇪 167.94.146.62

🇹🇼 165.154.227.8

🇩🇪 141.11.107.166

🇹🇼 122.116.253.96

🇺🇸 66.132.186.170

🇿🇼 41.174.185.83

🇷🇴 2.57.122.238

🇮🇳 2401:4900:1ca2:e2a1:b448:10d4:3530:103a

🇳🇱 203.55.131.5

🇯🇵 203.25.124.113

🇺🇸 195.184.76.246

🇸🇬 172.217.44.219