JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.70

104.207.52.70 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.70

Whois 104.207.52.70

IP Abuse Reports for 104.207.52.70:

This IP address has been reported a total of 121 times from 16 distinct sources. 104.207.52.70 was first reported on June 11th 2024, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-12-03 09:54:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 04:54:30.598268 2025] [security2:error] [pid 18713:tid 18713] [client 104.207.52.70:15491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cblanchard.paris"] [uri "/.env"] [unique_id "aTAI1sZH-OXIfuu4O0r08gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 09:56:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:56:45.118081 2025] [security2:error] [pid 12735:tid 12735] [client 104.207.52.70:11819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.recorplast.com"] [uri "/.env"] [unique_id "aSQr3bsndiAFUTuZpRez1AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:10:48 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:10:26.091851 2025] [security2:error] [pid 7666:tid 7666] [client 104.207.52.70:37419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lesdaniels.com"] [uri "/.git/HEAD"] [unique_id "aSPowtU4IVRZiVwZuY2X_QAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:48:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:48:09.696870 2025] [security2:error] [pid 21007:tid 21007] [client 104.207.52.70:24825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.herrell.net"] [uri "/.env"] [unique_id "aSPjiZjMdVC3z3z3U4lukwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-12 11:24:17 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.11.12 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.11.12 is noted in report timestamp show less	Hacking Brute-Force
🇵🇱 sefinek.net	2025-10-31 15:25:52 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 WeCloudit-Anti-Abuse	2025-10-23 17:10:07 (7 months ago)	WAF: Block IP which is in the web-spammers RBL 2- wsit	Email Spam Brute-Force
🇵🇱 sefinek.net	2025-10-23 01:23:59 (7 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 oncord	2025-10-09 09:20:15 (8 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-10-05 04:57:53 (8 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-04-09 06:48:19 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.52.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 02:48:13.332336 2025] [security2:error] [pid 21791:tid 21791] [client 104.207.52.70:16971] [client 104.207.52.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|saratogaequity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saratogaequity.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_YYLbrUzFK40Q5qwvZA5wAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 13:26:59 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 20:38:29 (1 year ago)	Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 7 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 10:04:49 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 17:33:49 (1 year ago)	Attempted brute force login to web vpn 8 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 8 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 117.216.44.171

🇷🇴 92.118.39.210

🇱🇹 45.227.254.170

🇺🇸 43.166.240.231

🇩🇪 2.27.29.214

🇨🇳 218.62.15.102

🇺🇸 205.210.31.66

🇪🇹 196.189.236.162

🇭🇰 193.176.211.38

🇬🇧 193.163.125.240

🇺🇸 172.171.233.230

🇮🇳 167.71.239.213

🇩🇪 155.117.234.80

🇷🇴 141.98.83.240

🇷🇴 80.94.92.206

🇺🇸 64.225.17.153

🇭🇰 27.106.99.152

🇧🇩 182.48.70.169

🇩🇪 141.11.107.166

🇨🇳 123.13.69.169