JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.52.5

104.207.52.5 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 0%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.52.5

Whois 104.207.52.5

IP Abuse Reports for 104.207.52.5:

This IP address has been reported a total of 80 times from 13 distinct sources. 104.207.52.5 was first reported on June 5th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-01-05 20:05:02 (5 months ago)	Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 9 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2026-01-04 15:45:34 (5 months ago)	[redacted] 104.207.52.5 - - [04/Jan/2026:16:45:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Mozi ... show more [redacted] 104.207.52.5 - - [04/Jan/2026:16:45:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 104.207.52.5 - - [04/Jan/2026:16:45:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 104.207.52.5 - - [04/Jan/2026:16:45:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0" [redacted] 104.207.52.5 - - [04/Jan/2026:16:45:33 +0100] "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Edg/120.0.0.0" [redacted] 104.207.52.5 - - [04/Jan/2026:16:45:33 +0 ... show less	Hacking Web App Attack
🇮🇹 VHosting	2026-01-02 12:40:03 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇭 backslash	2025-12-30 21:00:16 (5 months ago)	block ruleset 486D2EE5E731CC049D1E480D68D04DFFE28AADF1	Bad Web Bot
🇺🇸 nowyouknow	2025-12-22 21:49:21 (5 months ago)	(From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing t ... show more (From [email protected]) Hi, it’s Jayrn. If your site already uses — or is preparing to use — affiliate links, this will be relevant. One issue I see constantly is that monetization is treated as something you “add later,” instead of something that’s designed into the site from the beginning. That usually leads to: random placement of links unclear visitor intent unpredictable income It works, but never consistently. I put together a short explanation of why this happens and what changes once monetization is structured properly: https://marketersmentor.com/recurring-income-system.php?refer=aberdeenfamilychiropractic.com You’ll know quickly whether this applies to your situation. Jayrn PS: And one quick note so you’re not wondering why you’re hearing from me: I only reach out to website owners because they’re the ones actively building something online. I’m not blasting random emails. I’m simply sharing a resource that has been helping a lot of people create pred show less	Phishing Web Spam
🇧🇪 madeit	2025-11-30 04:39:03 (6 months ago)		Web App Attack
Anonymous	2025-11-26 22:57:28 (6 months ago)	Attempted brute force login to web vpn 18 time(s); last attempt for 2025.11.26 is noted in report ti ... show more Attempted brute force login to web vpn 18 time(s); last attempt for 2025.11.26 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-11-24 07:20:10 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:19:41.192964 2025] [security2:error] [pid 7165:tid 7165] [client 104.207.52.5:16907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.capecodbeachfront.com"] [uri "/.env"] [unique_id "aSQHDbhz8dEVQYv71I0JgAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 07:05:01 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:04:54.008578 2025] [security2:error] [pid 17130:tid 17130] [client 104.207.52.5:14143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.69strains.com"] [uri "/.env"] [unique_id "aSQDlpOY9wUc9RFFGLo75AAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 06:22:37 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:22:28.511370 2025] [security2:error] [pid 4906:tid 4906] [client 104.207.52.5:52829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.massingale.com"] [uri "/.env"] [unique_id "aSP5pFr8WK8JXyL8zik45AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:33:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 104.207.52.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:33:31.668930 2025] [security2:error] [pid 12105:tid 12105] [client 104.207.52.5:29335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.canaldumidi360.com"] [uri "/.git/HEAD"] [unique_id "aSPuK7_luIhcm8vrW9qwCwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-07 07:31:05 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.07 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-06 19:10:21 (1 year ago)	Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.06 is noted in report tim ... show more Attempted brute force login to web vpn 6 time(s); last attempt for 2025.04.06 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-05 02:15:51 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.04.05 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-04-04 12:07:19 (1 year ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.04 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.04.04 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 2a09:bac5:398c:2646::3d0:16

🇨🇳 106.53.10.16

🇮🇹 87.10.235.249

🇸🇬 47.128.126.59

🇸🇬 47.128.16.125

🇫🇷 185.177.72.38

🇵🇭 165.154.58.251

🇨🇳 120.221.233.40

🇨🇳 115.190.63.151

🇸🇬 47.128.126.58

🇸🇬 47.128.126.53

🇺🇸 34.135.200.178

🇺🇸 18.212.68.99

🇷🇴 2.57.122.238

🇹🇷 176.88.141.100

🇩🇪 159.223.18.77

🇨🇳 120.238.23.168

🇺🇸 103.143.231.24

🇷🇴 80.94.92.164

🇸🇬 47.128.126.48