JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.39.52

104.207.39.52 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.39.52

Whois 104.207.39.52

IP Abuse Reports for 104.207.39.52:

This IP address has been reported a total of 142 times from 16 distinct sources. 104.207.39.52 was first reported on June 20th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-23 04:45:48 (2 days ago)	Web App Attack	Web App Attack
Anonymous	2026-04-02 14:26:50 (2 months ago)	Forum/form spam	Web Spam
🇮🇹 VHosting	2026-02-18 22:16:47 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-14 23:20:48 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:20:45.141750 2026] [security2:error] [pid 20010:tid 20010] [client 104.207.39.52:41143] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|21north.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "21north.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZEDTSVADsCHCUuL3PL9VAAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-25 14:51:54 (5 months ago)	Forum/form spam	Web Spam
🇺🇸 nowyouknow	2026-01-06 08:45:05 (5 months ago)	(From [email protected]) This message is addressed to the administrator ... show more (From [email protected]) This message is addressed to the administrator of bessettechiropractic.com. We are an agency providing powerful SEO and digital marketing solutions designed to increase your visibility, traffic, and conversions. OUR SERVICES INCLUDE: - Social Media Management - Website Traffic - SEO Backlinks - Social Bookmarking Backlinks - Google Ranking - Google Maps Ranking - YouTube Ranking - Content Creation - Video Production - Get Real Clients - Full SEO Campaigns & Agency Services Whether your goal is boosting YouTube, driving more website traffic, or strengthening your SEO, we can help you achieve results. View more here: https://rb.gy/t7gc5i Best regards, SEO Expert & Specialist To unsubscribe, please reply with subject: Unsubscribe !bessettechiropractic.com show less	Phishing Web Spam
Anonymous	2026-01-04 22:37:45 (5 months ago)	Forum/form spam	Web Spam
Anonymous	2025-12-07 03:28:28 (6 months ago)	botnet	DDoS Attack
🇺🇸 oncord	2025-12-03 01:54:31 (6 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-11-24 08:53:31 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:53:22.632869 2025] [security2:error] [pid 243932:tid 243986] [client 104.207.39.52:9521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pershia.net"] [uri "/.svn/wc.db"] [unique_id "aSQdAlc8EtVRkmyAMeu8VAAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:27:15 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:27:08.282479 2025] [security2:error] [pid 27435:tid 27435] [client 104.207.39.52:38069] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.frankweyer.com"] [uri "/.env"] [unique_id "aSP6vPQSPEmK1xE31iIq1QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:35:57 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 104.207.39.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:35:42.741603 2025] [security2:error] [pid 15355:tid 15355] [client 104.207.39.52:13725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.handymanhall.com"] [uri "/.env"] [unique_id "aSPgnstmLGo2k5Q1Iz4w-gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-11-15 12:07:59 (7 months ago)	(From [email protected]) Interested in growing sandyplainschiro.com aud ... show more (From [email protected]) Interested in growing sandyplainschiro.com audience fast? Start your Free Trial. show less	Phishing Web Spam
Anonymous	2025-10-17 03:58:12 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇨🇦 wil.com	2025-10-16 08:51:56 (8 months ago)	GlobalProtect login attempts with user jok.	VPN IP Brute-Force

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 193.37.32.218

🇺🇸 40.124.186.155

🇮🇩 36.94.56.242

🇵🇰 223.123.71.241

🇧🇷 189.6.234.192

🇺🇸 162.216.149.99

🇰🇷 14.33.96.3

🇷🇴 193.32.162.84

🇲🇽 187.191.48.4

🇨🇳 115.56.238.174

🇷🇺 93.77.187.140

🇺🇸 91.193.232.252

🇷🇴 80.94.92.234

🇩🇪 64.89.163.48

🇳🇱 45.153.34.87

🇸🇬 43.156.239.194

🇻🇳 27.71.230.31

🇳🇱 132.243.121.237

🇨🇦 34.19.194.41

🇳🇱 5.83.143.123