JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.2

104.207.52.2 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 9%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.2

Whois 104.207.52.2

IP Abuse Reports for 104.207.52.2:

This IP address has been reported a total of 86 times from 18 distinct sources. 104.207.52.2 was first reported on June 4th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-05-13 22:03:33 (3 weeks ago)	Auto-ban: >3000 req/min op 2026-05-13	Web App Attack SSH Hacking
🇪🇸 masterguru	2026-05-06 07:28:16 (1 month ago)	Port Scan detected from 104.207.52.2 (GB/United Kingdom/-). 11 hits in the last 201 seconds (0-122 ... show more Port Scan detected from 104.207.52.2 (GB/United Kingdom/-). 11 hits in the last 201 seconds (0-122) show less	Port Scan
🇮🇹 VHosting	2026-03-02 19:50:04 (3 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇪🇸 10dencehispahard SL	2026-01-13 07:31:07 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 nowyouknow	2026-01-05 20:32:01 (5 months ago)	(From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to ... show more (From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — affiliate links, this will be relevant. One issue I see constantly is that monetization is treated as something you “add later,” instead of something that’s designed into the site from the beginning. That usually leads to: random placement of links unclear visitor intent unpredictable income It works, but never consistently. I put together a short explanation of why this happens and what changes once monetization is structured properly: https://marketersmentor.com/recurring-income-system.php?refer=chiropracticgreece.com You’ll know quickly whether this applies to your situation. Jayrn PS: And one quick note so you’re not wondering why you’re hearing from me: I only reach out to website owners because they’re the ones actively building something online. I’m not blasting random emails. I’m simply sharing a resource that has been helping a lot of people create predictable o show less	Phishing Web Spam
🇺🇸 nowyouknow	2026-01-04 07:23:13 (5 months ago)	(From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — ... show more (From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — affiliate links, this will be relevant. One issue I see constantly is that monetization is treated as something you “add later,” instead of something that’s designed into the site from the beginning. That usually leads to: random placement of links unclear visitor intent unpredictable income It works, but never consistently. I put together a short explanation of why this happens and what changes once monetization is structured properly: https://marketersmentor.com/recurring-income-system.php?refer=cavallarochiro.com You’ll know quickly whether this applies to your situation. Jayrn PS: And one quick note so you’re not wondering why you’re hearing from me: I only reach out to website owners because they’re the ones actively building something online. I’m not blasting random emails. I’m simply sharing a resource that has been helping a lot of people create predictable online inco show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2026-01-03 08:04:58 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 03 03:04:49.686228 2026] [security2:error] [pid 21658:tid 21658] [client 104.207.52.2:17311] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|puduspoems.com\|F\|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puduspoems.com"] [uri "/web/20140107222105/http:/wwp.icq.com/scripts/WWPMsg.dll"] [unique_id "aVjNoa5XCo3CCd6PdPhH7wAAAA8"], referer: http://puduspoems.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-23 19:25:38 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:36:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:35:48.929167 2025] [security2:error] [pid 3965259:tid 3965334] [client 104.207.52.2:14547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.chronotar.com"] [uri "/.svn/wc.db"] [unique_id "aSPgpMHsvdKIeQe-cM8DmgAAAUk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 04:15:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:14:58.225364 2025] [security2:error] [pid 11562:tid 11562] [client 104.207.52.2:16415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hakkawok.com"] [uri "/.env"] [unique_id "aSPbwqbXMCtaCWQdY02GOwAAACQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 02:32:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 21:32:49.290475 2025] [security2:error] [pid 8578:tid 8578] [client 104.207.52.2:55623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.seacoastmarines.com"] [uri "/.env"] [unique_id "aSPD0cv1wwkxqFogWK-sIgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-19 05:43:41 (7 months ago)	Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.19 is noted in report t ... show more Attempted brute force login to web vpn 108 time(s); last attempt for 2025.10.19 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-10-18 02:59:06 (7 months ago)	Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.18 is noted in report ti ... show more Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-07 12:51:38 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 20:31:48 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.106

🇲🇽 186.96.145.241

🇫🇷 173.212.244.120

🇨🇳 111.9.22.102

🇷🇴 80.94.92.182

🇨🇳 60.166.83.0

🇺🇸 20.168.123.252

🇺🇸 2a02:4780:2b:2206:0:2d71:4f4a:1

🇨🇳 139.170.72.13

🇺🇸 138.113.22.151

🇩🇪 91.217.249.31

🇱🇹 85.206.68.80

🇨🇳 1.24.16.134

🇮🇳 157.49.127.237

🇯🇵 118.193.61.14

🇨🇳 111.226.47.178

🇭🇰 103.56.115.187

🇷🇴 80.94.92.168

🇺🇸 47.251.248.165

🇯🇵 40.74.66.130