JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.87

104.207.52.87 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 2%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.87

Whois 104.207.52.87

IP Abuse Reports for 104.207.52.87:

This IP address has been reported a total of 136 times from 12 distinct sources. 104.207.52.87 was first reported on June 4th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-30 01:03:42 (1 week ago)	dot file probe	Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 04:17:26 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 23:17:20.622443 2026] [security2:error] [pid 5724:tid 5724] [client 104.207.52.87:61961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artglass-jerusalem.net"] [uri "/.env.local"] [unique_id "aY1UUCI60ut8PhzvnxXoNAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 02:44:24 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 21:44:19.812180 2026] [security2:error] [pid 1171731:tid 1171731] [client 104.207.52.87:30339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsndetx.com"] [uri "/.env.production"] [unique_id "aY0-g2-8rZZo6Hm_hiLq9QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2026-02-11 23:28:49 (3 months ago)	/backup/.git/config	Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 22:49:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 17:49:49.984075 2026] [security2:error] [pid 8877:tid 8877] [client 104.207.52.87:59241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "applemaccomputerconsulting.com"] [uri "/admin/.git/config"] [unique_id "aYu2DSyqOzmuFCVrVoLbgwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 06:31:49 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:31:46.498469 2026] [security2:error] [pid 13306:tid 13306] [client 104.207.52.87:44067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilanknapp.com"] [uri "/api/.git/config"] [unique_id "aYrQ0l8Roh4wUq0PRhmc3AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 05:05:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:05:28.391297 2026] [security2:error] [pid 26682:tid 26682] [client 104.207.52.87:54093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmp.net"] [uri "/test/.git/config"] [unique_id "aYq8mCseLtB0TR_8pK2eZQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 04:39:18 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:39:12.997315 2026] [security2:error] [pid 2876:tid 2876] [client 104.207.52.87:20603] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idahopictures.com"] [uri "/.git/config"] [unique_id "aYq2cCu2jCDLOyRt6f3rgwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-10 02:58:40 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 21:58:34.237423 2026] [security2:error] [pid 12808:tid 12834] [client 104.207.52.87:9169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-masmx.com"] [uri "/.env.staging"] [unique_id "aYqe2itDVRwtbLhRmDQD8QAAAVg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-09 23:54:36 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 18:54:30.954069 2026] [security2:error] [pid 6128:tid 6128] [client 104.207.52.87:14241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenmalone.com"] [uri "/api/.env"] [unique_id "aYpzthNwOiNXcwh2UV9TRgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2026-01-15 08:16:01 (4 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2026-01-14 19:33:50 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 14:33:44.676398 2026] [security2:error] [pid 12765:tid 12765] [client 104.207.52.87:51681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "normteslaa.com"] [uri "/.git/HEAD"] [unique_id "aWfvmPHsO8geRuJ2DM_36wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-13 12:35:53 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 13 07:35:46.859742 2026] [security2:error] [pid 7873:tid 7873] [client 104.207.52.87:34701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cnprsalestraining.com"] [uri "/.svn/wc.db"] [unique_id "aWY8IsP473YNi1cL4NAb7wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 13:17:42 (6 months ago)	Attempted brute force login to web vpn 1185 time(s); last attempt for 2025.11.27 is noted in report ... show more Attempted brute force login to web vpn 1185 time(s); last attempt for 2025.11.27 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-11-26 11:52:34 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.56.11.2

🇺🇸 173.239.211.122

🇮🇳 103.91.246.101

🇩🇪 213.209.159.228

🇩🇪 213.209.159.56

🇰🇷 211.223.107.86

🇻🇪 190.120.252.204

🇺🇦 178.151.34.1

🇧🇷 172.217.37.28

🇩🇪 172.69.150.242

🇨🇳 121.229.107.184

🇨🇳 120.246.79.200

🇨🇳 101.96.195.62

🇩🇪 64.89.163.173

🇫🇷 45.95.233.88

🇸🇪 192.178.94.26

🇯🇵 160.251.206.106

🇸🇪 155.4.79.254

🇳🇴 109.239.229.109

🇿🇦 105.233.67.36