JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.4

104.207.52.4 was found in our database!

This IP was reported 91 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.4

Whois 104.207.52.4

IP Abuse Reports for 104.207.52.4:

This IP address has been reported a total of 91 times from 22 distinct sources. 104.207.52.4 was first reported on June 11th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-02-13 22:59:37 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-13	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-13 13:26:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:26:08.625129 2026] [security2:error] [pid 27436:tid 27436] [client 104.207.52.4:32475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millcitymakers.com"] [uri "/admin/.env"] [unique_id "aY8mcMYCPDOqFgcZnExWvAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:43:35 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:43:27.906358 2026] [security2:error] [pid 7933:tid 7933] [client 104.207.52.4:24697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microscopicpablo.com"] [uri "/.env"] [unique_id "aY8cb61g_1KrjyuXCq0NRgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-02-13 09:08:29 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 07:11:05 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 02:10:59.977913 2026] [security2:error] [pid 3561:tid 3561] [client 104.207.52.4:29113] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "medpact.net"] [uri "/.env"] [unique_id "aY7Og1uskDEuJaldtfvDrgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:12:21 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:12:14.467228 2026] [security2:error] [pid 2354843:tid 2354843] [client 104.207.52.4:12675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcgmcg.com"] [uri "/backend/.env"] [unique_id "aY7Avvqt2IJn822bnCtLzwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-13 06:02:47 (3 months ago)	PSCSERV WPSCAN 104.207.52.4	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:54:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:54:48.004373 2026] [security2:error] [pid 5490:tid 5490] [client 104.207.52.4:37127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "masterfulenlighteningfreestudies.org"] [uri "/config/.env"] [unique_id "aY6umONYYIfkNnqaEGxeigAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-02-13 04:41:43 (3 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.52.4 (GB/United Kingdom/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 104.207.52.4 (GB/United Kingdom/-): 1 in the last 3600 secs show less	Web App Attack
🇫🇷 dynamix	2026-02-13 04:13:28 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 03:41:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:41:50.351995 2026] [security2:error] [pid 3190:tid 3217] [client 104.207.52.4:37551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.info"] [uri "/.env.local"] [unique_id "aY6dfvb4CmTCRsawBB7GqQAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 DocNetzwerk	2026-02-13 03:24:23 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 104.207.52.4 (GB/United Kingdom/-)	SQL Injection
🇺🇸 TPI-Abuse	2026-02-12 15:50:31 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:50:24.935788 2026] [security2:error] [pid 4026:tid 4026] [client 104.207.52.4:36735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dennisstokley.com"] [uri "/.git/config"] [unique_id "aY32wCLYEJz1yRzcK1KuGAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 09:13:38 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 04:13:35.423736 2026] [security2:error] [pid 18974:tid 18974] [client 104.207.52.4:29777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gaeltv.com"] [uri "/admin/.env"] [unique_id "aYxIPz_jDoKFS_ZnVML4DgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 08:11:20 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 03:11:13.155848 2026] [security2:error] [pid 15320:tid 15320] [client 104.207.52.4:28933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabosoftware.com"] [uri "/api/.git/config"] [unique_id "aYw5oUueWZwgSAo032ulJwAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 91 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 185.166.25.150

🇵🇱 143.20.97.116

🇺🇸 2620:171:f3:f0:9999::230

🇺🇸 206.81.11.220

🇩🇪 178.104.42.207

🇯🇴 172.69.173.162

🇮🇷 5.200.131.148

🇧🇷 186.219.184.142

🇧🇾 178.122.123.122

🇻🇳 171.231.176.86

🇰🇪 102.210.149.236

🇵🇱 87.251.64.176

🇺🇸 47.77.218.95

🇱🇹 45.227.254.170

🇳🇱 45.148.10.152

🇮🇳 45.43.45.254

🇨🇦 216.251.35.201

🇧🇬 79.124.40.178

🇺🇸 65.49.1.142

🇮🇩 46.202.186.249