JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.142

104.207.52.142 was found in our database!

This IP was reported 122 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.142

Whois 104.207.52.142

IP Abuse Reports for 104.207.52.142:

This IP address has been reported a total of 122 times from 17 distinct sources. 104.207.52.142 was first reported on June 4th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 F242	2026-01-30 06:05:01 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:01:04 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-27 21:08:25 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:08:17.239216 2025] [security2:error] [pid 16547:tid 16547] [client 104.207.52.142:47871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "earlsworkshop.com"] [uri "/.git/HEAD"] [unique_id "aVBKwZN1UXpPsqSpothl4QAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-12-27 19:04:03 (5 months ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2025-12-26 08:45:12 (5 months ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇱🇻 garmtech.com	2025-11-28 00:45:57 (6 months ago)	IM360 WAF: Information Disclosure Attempt in WordPress MV:/wp-config.php.old	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:53:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:52:57.031951 2025] [security2:error] [pid 1685:tid 1685] [client 104.207.52.142:30933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jimgrenier.com"] [uri "/.svn/wc.db"] [unique_id "aSQO2dYPpqs1KXRUwLVZsAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:56:36 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:56:31.580768 2025] [security2:error] [pid 29878:tid 29878] [client 104.207.52.142:20579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.donshotrodshop.net"] [uri "/.svn/wc.db"] [unique_id "aSPlf8iLEkkF95ot2G1HlQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:35:05 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:35:01.071865 2025] [security2:error] [pid 3503:tid 3503] [client 104.207.52.142:55009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wild-goose.net"] [uri "/.git/HEAD"] [unique_id "aSPgdZoQqmoLU2eG8jV5RwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ✨	2025-11-02 22:41:02 (7 months ago)	Domain : todoparatuboda.net Rule : config 2025-11-02 22:39:54 152.53.151.170 GET /.aws/credentials - ... show more Domain : todoparatuboda.net Rule : config 2025-11-02 22:39:54 152.53.151.170 GET /.aws/credentials - 80 - 141.101.76.47 HTTP/1.1 Mozilla/5.0 (Linux; Android 9; VOG-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36 - todoparatuboda.net 404 0 0 10685 466 90 - 104.207.52.142 show less	Hacking SQL Injection
Anonymous	2025-10-16 13:26:06 (8 months ago)	[redacted] 104.207.52.142 - - [16/Oct/2025:15:25:41 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" " ... show more [redacted] 104.207.52.142 - - [16/Oct/2025:15:25:41 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; (R1 1.5))" [redacted] 104.207.52.142 - - [16/Oct/2025:15:25:42 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0" [redacted] 104.207.52.142 - - [16/Oct/2025:15:25:46 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux x86_64) AppleWebKit/538.19 (KHTML, like Gecko) JavaFX/8.0 Safari/538.19" [redacted] 104.207.52.142 - - [16/Oct/2025:15:25:47 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 11_1_1 like Mac OS X) AppleWebKit/604.3.5 (KHTML, like Gecko) Version/11.0 Mobile/15B150 Safari/604.1" [redacted] 104.207.52.142 - - [16/Oct/2025:15:25:51 +0200] "POST /xmlrpc.php HTTP/2.0" 200 401 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G610M) AppleWe ... show less	Hacking Web App Attack
Anonymous	2025-10-16 12:30:36 (8 months ago)	WordPress Brute Force	Brute-Force
🇬🇧 oncord	2025-10-14 14:15:20 (8 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-10-04 04:21:28 (8 months ago)	Form spam	Web Spam
Anonymous	2025-04-07 11:45:20 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 122 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.89.15.85

🇲🇿 197.249.239.231

🇳🇱 193.176.31.153

🇺🇸 193.33.236.180

🇸🇦 176.224.54.24

🇫🇷 85.217.140.29

🇺🇸 72.88.254.218

🇳🇱 64.225.72.98

🇨🇳 59.52.178.14

🇨🇳 14.103.84.145

🇺🇸 2607:f8b0:4004:c25::12d

🇹🇼 220.133.165.83

🇺🇸 216.180.246.28

🇰🇷 211.62.111.247

🇺🇸 204.111.212.47

🇲🇽 201.141.108.240

🇭🇰 199.45.155.96

🇭🇰 199.45.154.159

🇳🇱 195.178.110.199

🇫🇷 194.163.137.135