JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.236

104.207.52.236 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.236

Whois 104.207.52.236

IP Abuse Reports for 104.207.52.236:

This IP address has been reported a total of 145 times from 24 distinct sources. 104.207.52.236 was first reported on June 22nd 2024, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-04-06 11:28:02 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.52.236 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.52.236 (GB/United Kingdom/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇫🇷 masterguru	2026-03-26 12:17:06 (2 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.52.236 (GB/United Kingdom/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.52.236 (GB/United Kingdom/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇱🇻 garmtech.com	2026-03-20 07:22:43 (2 months ago)	IM360 WAF: WordPress plugin/theme auto install block	Web App Attack
🇩🇪 BlueWire Hosting	2026-02-13 14:01:48 (3 months ago)	Probing websites for vulnerabilities	SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 13:59:15 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:59:10.291515 2026] [security2:error] [pid 10036:tid 10036] [client 104.207.52.236:32905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "learningbyshipping.com"] [uri "/app/.env"] [unique_id "aY8uLnApJAmrtWx2WotcvgAAADI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:46:17 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:46:10.370732 2026] [security2:error] [pid 13026:tid 13026] [client 104.207.52.236:34885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medgi.co"] [uri "/v2/.git/config"] [unique_id "aY7IsnJDDVo0tTX-1qRp6AAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:42:52 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.52.236 (GB/United Kingdom/- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 104.207.52.236 (GB/United Kingdom/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:12:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:12:34.160841 2026] [security2:error] [pid 21834:tid 21875] [client 104.207.52.236:45609] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maroontribe.com"] [uri "/app/.env"] [unique_id "aY6kskROvpmJnDlW3uVwewAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:15:07 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:15:01.417790 2026] [security2:error] [pid 18356:tid 18356] [client 104.207.52.236:61727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marcedinc.com"] [uri "/.env.staging"] [unique_id "aY6XNSeUCHpN78GOFoJWnAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 02:16:13 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 21:16:07.364822 2026] [security2:error] [pid 22893:tid 22893] [client 104.207.52.236:29257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maldivesautismcentre.org"] [uri "/backup/.git/config"] [unique_id "aY6JZxOwwi1SAYeXv__5qQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:56:51 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:56:47.761756 2026] [security2:error] [pid 2475279:tid 2475279] [client 104.207.52.236:46431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "majersigns.com"] [uri "/new/.git/config"] [unique_id "aY6E310LEoAVhujc142yFAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 01:07:27 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:07:21.728383 2026] [security2:error] [pid 11619:tid 11619] [client 104.207.52.236:58841] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madrigalscripts.com"] [uri "/.env.save"] [unique_id "aY55SZg14S3ekSqe-ObisAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 20:03:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 15:03:11.261222 2026] [security2:error] [pid 29907:tid 29907] [client 104.207.52.236:43631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iamnotguilty.com"] [uri "/.git/config"] [unique_id "aY4x_xvmAfraQVcEOtvHMwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 19:32:55 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 14:32:48.075784 2026] [security2:error] [pid 1822914:tid 1822914] [client 104.207.52.236:41007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftiptondds.com"] [uri "/.git/config"] [unique_id "aY4q4AvL3hORO5WO4ODeOAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:58:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:58:30.756334 2026] [security2:error] [pid 30483:tid 30483] [client 104.207.52.236:26751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crescentcitycafe.net"] [uri "/.env"] [unique_id "aY4Gtqn5wB-VNv4DxB-5dwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 145 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.210

🇳🇱 185.223.235.47

🇨🇦 85.217.149.55

🇬🇧 81.19.219.219

🇳🇱 45.148.10.157

🇦🇷 190.137.140.51

🇲🇽 189.169.77.217

🇧🇷 179.185.227.77

🇨🇳 119.29.198.247

🇳🇱 62.250.234.181

🇺🇸 38.148.99.59

🇺🇸 38.141.252.55

🇬🇧 31.14.254.55

🇬🇧 217.146.80.99

🇲🇾 203.121.40.210

🇧🇷 186.235.38.27

🇨🇷 186.177.88.21

🇺🇸 162.216.150.157

🇺🇸 147.185.132.105

🇬🇧 139.28.176.28