JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.198

104.207.52.198 was found in our database!

This IP was reported 131 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.198

Whois 104.207.52.198

IP Abuse Reports for 104.207.52.198:

This IP address has been reported a total of 131 times from 21 distinct sources. 104.207.52.198 was first reported on June 11th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-02-11 09:01:00 (4 months ago)	SMS pumping	DDoS Attack VPN IP Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-15 08:40:50 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇺🇸 TPI-Abuse	2026-01-13 12:35:06 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:02.591855 2026] [security2:error] [pid 16279:tid 16279] [client 104.207.52.198:53491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weddingmusicguitar.com"] [uri "/.git/HEAD"] [unique_id "aWY79pbTqmpHYTAADmbbxQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRNP	2026-01-12 14:25:55 (5 months ago)	_:80 104.207.52.198 - - [12/Jan/2026:14:25:55 +0000] "GET /.env HTTP/1.1" 404 146 "-" "Mozilla/5.0 ( ... show more _:80 104.207.52.198 - - [12/Jan/2026:14:25:55 +0000] "GET /.env HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" ... show less	Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-11-26 08:44:55 (6 months ago)	trolling for resource vulnerabilities	Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:07:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:07:40.957877 2025] [security2:error] [pid 18958:tid 18958] [client 104.207.52.198:12137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gisresults.com"] [uri "/.svn/wc.db"] [unique_id "aSZS3KGjf8_qdALOPjqw_wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 00:42:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:42:09.147709 2025] [security2:error] [pid 25808:tid 25808] [client 104.207.52.198:44251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.roguetechscene.com"] [uri "/.git/HEAD"] [unique_id "aSZM4Uoz9j9VYVUoC0du5AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:11:30 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:11:24.171095 2025] [security2:error] [pid 1271:tid 1271] [client 104.207.52.198:47967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.divineadventures.org"] [uri "/.svn/wc.db"] [unique_id "aSQhPM-UH-nBNjCSy-VHOgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:49:08 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:49:01.675702 2025] [security2:error] [pid 25103:tid 25103] [client 104.207.52.198:28545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.atidysort.com"] [uri "/.git/HEAD"] [unique_id "aSQN7SCrFt-Sbaweb-lIZAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-23 18:05:14 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 13:05:07.470866 2025] [security2:error] [pid 3311:tid 3311] [client 104.207.52.198:9485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.karenjoyce.com"] [uri "/.git/HEAD"] [unique_id "aSNM04YHOROKM1bRg8fexgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ps-center	2025-10-27 10:53:49 (7 months ago)	C1-W: TCP-Scanner. Port: 22	Port Scan
🇨🇿 lp	2025-10-18 12:20:37 (8 months ago)	SSH Brute force: 1 attempts were recorded from 104.207.52.198 2025-10-18T03:28:45+02:00 User root fr ... show more SSH Brute force: 1 attempts were recorded from 104.207.52.198 2025-10-18T03:28:45+02:00 User root from 104.207.52.198 not allowed because none of user's groups are listed in AllowGroups show less	Brute-Force SSH
🇫🇷 mrcrassi	2025-10-18 10:34:37 (8 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 openstrike.co.uk	2025-10-18 09:23:51 (8 months ago)	12 packets to port 22	Brute-Force SSH
Anonymous	2025-04-07 03:42:31 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 131 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.78

🇺🇸 162.216.149.230

🇷🇺 144.31.222.179

🇭🇰 101.36.109.176

🇨🇦 85.217.149.55

🇺🇸 74.82.47.53

🇺🇸 74.7.228.17

🇩🇪 69.5.169.93

🇸🇪 31.59.160.12

🇰🇷 14.32.106.73

🇰🇷 220.124.208.27

🇺🇸 172.56.141.192

🇮🇳 157.51.102.160

🇫🇮 147.185.133.73

🇩🇪 130.12.180.15

🇺🇸 66.132.195.119

🇺🇸 65.49.1.18

🇨🇴 45.172.218.179

🇫🇷 37.67.76.10

🇳🇱 195.178.110.30